Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Mailing Lists -> Oracle-L -> RE: grant access to another user's objects?

RE: grant access to another user's objects?

From: DENNIS WILLIAMS <DWILLIAMS_at_LIFETOUCH.COM>
Date: Mon, 10 Jun 2002 15:14:48 -0800
Message-ID: <F001.00479B06.20020610151448@fatcity.com> 





Jesse - On another list today someone mentioned that auditors were upset
that the DBA had access to the application tables (like payroll tables, for
example). I was just curious whether this new feature would eliminate the
autitors' concern. I trust you, but man, those auditors are tough.



Dennis Williams


DBA, 20% OCP



Lifetouch, Inc.


dwilliams_at_lifetouch.com





-----Original Message-----


Sent: Monday, June 10, 2002 6:01 PM


To: Multiple recipients of list ORACLE-L




I'm after the audits as a point of tracking my DDL/DCL as SYSDBA more than
for intrusion detection.  As you've eluded to, the truly paranoid would add
more layers of protection and monitoring via triggers, audit opts,
DBMS_JOB/cron jobs, etc. to provide increased accountability and tracking.
Since I only have time to be somewhat paranoid, I've only implemented a few
of these.  :)



And Oracle Support asked me why I would want to audit SYS.  ;)


Rich Jesse                           System/Database Administrator
Rich.Jesse_at_qtiworld.com              Quad/Tech International, Sussex, WI USA






> -----Original Message-----

> From: DENNIS WILLIAMS [mailto:DWILLIAMS_at_LIFETOUCH.COM]

> Sent: Monday, June 10, 2002 5:34 PM

> To: Multiple recipients of list ORACLE-L

> Subject: RE: grant access to another user's objects?

> 

> 

> Jesse - Does the DBA have access to the audit tables? If so, just edit

> yourself back out. I was reading a book about someone that tracks down

> hackers on the Internet. One of his security methods is to 

> copy the system

> logs over to another system every few minutes. He checks to 

> see if the log

> ever gets smaller, which would mean that a hacker erased 

> his/her tracks.

> Dennis Williams 

> DBA 20% OCP


> Lifetouch, Inc.

> dwilliams_at_lifetouch.com


-- 
Please see the official ORACLE-L FAQ: http://www.orafaq.com
-- 
Author: Jesse, Rich
  INET: Rich.Jesse_at_qtiworld.com

Fat City Network Services    -- (858) 538-5051  FAX: (858) 538-5051
San Diego, California        -- Public Internet access / Mailing Lists
--------------------------------------------------------------------
To REMOVE yourself from this mailing list, send an E-Mail message
to: ListGuru_at_fatcity.com (note EXACT spelling of 'ListGuru') and in
the message BODY, include a line containing: UNSUB ORACLE-L
(or the name of mailing list you want to be removed from).  You may
also send the HELP command for other information (like subscribing).
-- 
Please see the official ORACLE-L FAQ: http://www.orafaq.com
-- 
Author: DENNIS WILLIAMS
  INET: DWILLIAMS_at_LIFETOUCH.COM

Fat City Network Services    -- (858) 538-5051  FAX: (858) 538-5051
San Diego, California        -- Public Internet access / Mailing Lists
--------------------------------------------------------------------
To REMOVE yourself from this mailing list, send an E-Mail message
to: ListGuru_at_fatcity.com (note EXACT spelling of 'ListGuru') and in
the message BODY, include a line containing: UNSUB ORACLE-L
(or the name of mailing list you want to be removed from).  You may
also send the HELP command for other information (like subscribing).


Received on Mon Jun 10 2002 - 18:14:48 CDT












Original text of this message













  HOME |
  ASK QUESTION |
  ADD INFO |
  SEARCH |
  E-MAIL US