Re: Question about the APEX Admin account.

From: Rich Jesse <rjoralist2_at_society.servebeer.com>
Date: Wed, 29 Jun 2011 12:59:42 -0500 (CDT)
Message-ID: <1f422cb6f7d36c041e729b8de8025bdf.squirrel_at_society.servebeer.com>



GBA writes:

> Can you list potential unwanted behavior at the database level (adding,
> dropping, configuration changes) caused by someone having access to the APEX
> ADMIN account?

If you're talking about the APEX account, it has full control over just about everything APEX, including the ability to insert backdoors into the DB via an APEX app.

> The apex schema has some powerful database privileges and the APEX ADMIN
> account (which I think operates on top of that schema) might be able to
> somehow take advantage of them.

Again you're a little fuzzy here, but if you mean the "FLOWS_{version}" database user, it should be locked as it is both unnecessary and a huge risk to keep open. And, yes, it has many DBA-level privs granted to it.

> Am I getting too paranoid about it?

Not at all. It's an admin account. For admins only.

GL!

Rich

--
http://www.freelists.org/webpage/oracle-l
Received on Wed Jun 29 2011 - 12:59:42 CDT

Original text of this message