| Oracle FAQ | Your Portal to the Oracle Knowledge Grid | |
 |
 | |||
| Oracle FAQ | Your Portal to the Oracle Knowledge Grid | |
|
| |||
Home -> Community -> Mailing Lists -> Oracle-L -> RE: methodology to keep only certain programs to connect to
This message is in MIME format. Since your mail reader does not understand
this format, some or all of this message may not be legible.
------_=_NextPart_001_01C258EA.9149CE40
Content-Type: text/plain;
charset="iso-8859-1"
With a setup like this, how do you stop a user from simply renaming the program they are using to match what you expect to see and, therefore, getting past your security ??
-----Original Message-----
From: Shaw John-P55297 [mailto:john.shaw_at_motorola.com]
Sent: Tuesday, September 10, 2002 11:59 AM
To: Multiple recipients of list ORACLE-L
Subject: RE: methodology to keep only certain programs to connect to
use v_$mystat - it has the sid - then do your join with v$session
-----Original Message-----
From: JOE TESTA [mailto:JTESTA_at_longaberger.com]
Sent: Tuesday, September 10, 2002 10:58 AM
To: Multiple recipients of list ORACLE-L
Subject: methodology to keep only certain programs to connect to
I've been tasked to ensure only certain app programs access the database.
I'm thinking on-logon trigger, check the program field from v$session. unfortunately v$session is for all sessions, i can't seem to find the view that tells me only MY info during login. I only want the sid, serial#, username and program for my just now connection to the database.
Does this exist or am I going about this the wrong way?
We're thinking of checking those fields to make sure sql*plus, toad, etc can't connect as a particular user(even though the password is known out in the community).
any ideas would be greatly appreciated.
joe
------_=_NextPart_001_01C258EA.9149CE40
Content-Type: text/html;
charset="iso-8859-1"
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> <HTML><HEAD> <META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1"> <META content="MSHTML 6.00.2719.2200" name=GENERATOR></HEAD><BODY style="MARGIN-TOP: 2px; FONT: 10pt Times New Roman; MARGIN-LEFT: 2px"> <DIV><SPAN class=866415016-10092002>With a setup like this, how do you stop a user from simply renaming the program they are using to match what you expect to see and, therefore, getting past your security ??</SPAN></DIV> <BLOCKQUOTE dir=ltr style="MARGIN-RIGHT: 0px"> <DIV class=OutlookMessageHeader dir=ltr align=left><FONT face=Tahoma>-----Original Message-----<BR><B>From:</B> Shaw John-P55297 [mailto:john.shaw_at_motorola.com]<BR><B>Sent:</B> Tuesday, September 10, 2002 11:59 AM<BR><B>To:</B> Multiple recipients of list ORACLE-L<BR><B>Subject:</B> RE: methodology to keep only certain programs to connect to<BR><BR></FONT></DIV>
 |
 |