| Oracle FAQ | Your Portal to the Oracle Knowledge Grid | |
 |
 | |||
| Oracle FAQ | Your Portal to the Oracle Knowledge Grid | |
|
| |||
Home -> Community -> Mailing Lists -> Oracle-L -> Re: Listener password encryption
That is what lies behind the change in 10.1 I think to limit the listener to
within the control of an OS account that is a member of the DBA group.
Obviously everyone restricts membership of this group and all users in it
have strong and secure passwords....
Niall
On 2/16/06, Greg Norris <spikey.mcmarbles_at_gmail.com> wrote:
>
> I wouldn't even bother using an encrypted password, unless of course
> this is being done to satisfy some (clueless) auditor's checklist.
> The way Oracle handles encrypted listener passwords, they're
> absolutely no more secure than the cleartext counterpart... in fact,
> one could easily argue that they're slightly *less* secure.
>
> On 2/16/06, J. Dex <cemail_219_at_hotmail.com> wrote:
> > I am trying to save an encrypted password for the listener and although
> it
> > responds that the command was completed successsfully, it isn't turning
> on
> > security and doesn't seem to be working. Any ideas?
> > This is Oracle 9207 on a Windows 2003 server. This is what I am doing:
> >
> > LSNRCTL>set save_config_on_stop on
> > LSNRCTL>set password password_name
> >
> > My understanding is that security in "status" should be set to on and I
> > should see some comments at the bottom of the listener file, but I am
> not
> > seeing those.
>
> --
> "I'm too sexy for my code." - Awk Sed Fred.
> --
> http://www.freelists.org/webpage/oracle-l
>
>
>
-- Niall Litchfield Oracle DBA http://www.orawin.info -- http://www.freelists.org/webpage/oracle-lReceived on Fri Feb 17 2006 - 03:49:18 CST
 |
 |