| Oracle FAQ | Your Portal to the Oracle Knowledge Grid | |
 |
 | |||
| Oracle FAQ | Your Portal to the Oracle Knowledge Grid | |
|
| |||
Home -> Community -> Mailing Lists -> Oracle-L -> Re: RES: Oracle Security Best Practices
Look into the GRANT ANY OBJECT PRIVILEGES privilege which comes with
Oracle9i. This (finally) allows what you are looking for...
on 8/7/03 10:44 AM, SSILVA9_at_BKB.com.br at SSILVA9_at_BKB.com.br wrote:
> Tim,
>
>
>
> Thank you for the reply. We created this after logon trigger. Its
> working very well.
>
>
>
> We are having problems creating the objects and granting the access.
> We figured out that our problem is granting the access because we were
> intended to use the DBA's login, but we can't because the only one that can
> grant access to the object is the owner, correct?
>
>
>
> Do you know how to implement an environment so that allow log on only
> from a specific machine/ip for a given login?
>
>
>
> How do you (as DBA) create objects and give its permissions? With the
> owner's login?
>
>
>
> Thank you,
>
>
>
> Sandro Augusto da Silva
> Technology Services & Support
> NLA Technology Services
> Phone: +55 11 3398-8438
> Fax: +55 11 3398-7522
>
> -----Mensagem original-----
> De: Tim Gorman [mailto:tim_at_sagelogix.com]
> Enviada em: quinta-feira, 7 de agosto de 2003 12:25
> Para: Multiple recipients of list ORACLE-L
> Assunto: Re: Oracle Security Best Practices
>
>
>
> Sandro,
>
> There is an excellent book on "Oracle Security" available online from
> "http://www.sans.org". Concise, organized, and prioritized. Also, Newman and
> Theriault's "Oracle Security Handbook" from Oracle Press is chock full of
> common sense...
>
> Not sure what the question about "automating the migration of stored
> procedures" refers to. Could you provide more information? I don't think I
> understand the problem...
>
> Storing password files on the database server is mainly an exercise in
> ensuring that OS security and file permissions properly implemented. If you
> cannot ensure that OS files are properly secured, then the entire Oracle
> database is at risk, not to mention files containing clear-text passwords
Received on Thu Aug 07 2003 - 14:14:24 CDT
 |
 |