RE: DBA Privileges and Developers

From: Jeremiah Wilton <jeremiah_at_ora-600.net>
Date: Thu, 24 Jan 2008 13:09:36 -0800
Message-ID: <01cd01c85ecd$6d927300$48b75900$@net>

Great to have you back, Lisa. Sounds like you did a great job on that document. Nothing works quite as well as facts. Also this is a great way to get the heat off of the DBA for saying "no" and deflect the responsibility for policy decisions to the business, where it belongs. I think that many DBAs do just stand there and say 'NO NO NO', and it gets us a reputation as obstructionists with developers and others.

Now, who's that trip-trapping over my database?

Regards,

Jeremiah Wilton
ORA-600 Consulting
http://www.ora-600.net

Koivu, Lisa wrote:

> Aahh, the age old war, granting DBA privileges…� I am in it
> again up to my eyeballs.� Instead of standing there and saying
> NO, NO, NO, I took the time to pull apart the DBA role and
> document in detail what a majority of the roles and system
> privileges allow a database user to do within the database and
> how some of these privileges are a direct violation of Sarbanes-
> Oxley.� This document is not perfect, but it’s enough to make
> management stop and say, Wait, we can’t allow DBA privileges to
> be granted to individuals outside of an administrative role.� I
> had the document blessed by our security officer.
...

--
http://www.freelists.org/webpage/oracle-l

Received on Thu Jan 24 2008 - 15:09:36 CST

This message: [ Message body ]
Next message: Sanjay Mishra: "Oracle Security Patch"
Previous message: Koivu, Lisa: "DBA Privileges and Developers"
In reply to: Koivu, Lisa: "DBA Privileges and Developers"
Next in thread: Koivu, Lisa: "RE: DBA Privileges and Developers - a thank you."

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ]

Original text of this message