Re: Would you recommend such an application for production use?

From: Kellyn Pedersen <kjped1313_at_yahoo.com>
Date: Thu, 18 Feb 2010 18:30:59 -0800 (PST)
Message-ID: <498082.79102.qm_at_web32008.mail.mud.yahoo.com>

I agree with Jared on this one.� I don't *expect* my managers to take my recommendations over everyone elses ALL the time :)� but I do know it's important for me to think ahead and gauge all the issues that might arise due to design/coding/security flaws in an application they are going to implement.� I voice my concerns, document my findings and then it's up to my manager from that point.� I know how much he values my opinion, knowing where my loyalties lie and�that's why he's a good manager-� he trusts his employees to do their jobs!
�

I was definitely onto the worse case scenario, 12 steps ahead of the siuation in my earlier comments!� All they wanted to do was create views in the SYSTEM tablespace and here I am, already on the path of "if they can create views, what's next? What is the worse scenario?" I'm a DBA, my job is to protect the database, all of the database, so help me God... :)

After being at RMOUG the last two days, I can say...having trouble keeping up myself with the threads! :) ~Kellyn

On Thu, 2/18/10, Jared Still <jkstill_at_gmail.com> wrote:

From: Jared Still <jkstill_at_gmail.com> Subject: Re: Would you recommend such an application for production use? To: Richard.Goulet_at_parexel.com
Cc: development_at_the-playground.de, "ORACLE-L" <oracle-l_at_freelists.org> Date: Thursday, February 18, 2010, 12:07 PM

comments inline:

On Thu, Feb 18, 2010 at 10:27 AM, Goulet, Richard <Richard.Goulet_at_parexel.com> wrote:

Brother does this list ever produce mountains of messages in �the blink of an eye!!

Hey, it's a vital community! �:)
�

OK, so while creating objects in the sys schema is not the most brilliant thing to do it's not exactly totally unknown. �

I think it is a good idea for the DBA in question to provide some documented security concerns for such issues if possible, in addition to the support concerns.

As decisions to buy a product are almost never based on input from a DBA, it is still valid for the DBA to raise concerns.

That way when the tidal wave of problems rushes in, the DBA is in a� fairly secure position. �Even better if she/he already knows how to deal with the problems.

Jared Still
Certifiable Oracle DBA and Part Time Perl Evangelist Oracle Blog: http://jkstill.blogspot.com Home Page: http://jaredstill.com

--
http://www.freelists.org/webpage/oracle-l

Received on Thu Feb 18 2010 - 20:30:59 CST

This message: [ Message body ]
Next message: Karl Arao: "Re: Which sessions hold state on which packages"
Previous message: Kellyn Pedersen: "Re: Would you recommend such an application for production use?"
In reply to: Jared Still: "Re: Would you recommend such an application for production use?"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ]

Original text of this message