| Oracle FAQ | Your Portal to the Oracle Knowledge Grid | |
 |
 | |||
| Oracle FAQ | Your Portal to the Oracle Knowledge Grid | |
|
| |||
Home -> Community -> Usenet -> c.d.o.misc -> Re: Oracle Security Question
Volker Hetzer wrote:
> <amerar_at_iwc.net> schrieb im Newsbeitrag
news:1102432338.770876.210810_at_f14g2000cwb.googlegroups.com...
> >
> > Hi All,
> >
> > I am hving real trouble with this one. Basically I've been asked
to
> > crack down on database security. Everyone knows all the passwords
to
> > all the schemas.
> So, change them and tell users their own passwords.
>
> >
> > The problem is this place has several Visual Basic applications
where
> > the password is hard coded into the code. This does me no good,
> > because once I change the password, I need to tell the developer
what
> > it is......it defeats the purpose of changing the password.
> Who asked you to crack down on security? Tell thay guy that the
passwords
> have to go from the apps. Users have to type them in each time they
log on.
>
> >
> > What options are available to me? We are running Oracle 8.1.7.3.
I
> > need to hide the passwords from everyone. But I'm not sure what
> > options I have over a network......
> Can you access an LDAP server?
>
> Lots of Greetings!
> Volker
This issue here is that the developers know the password, and go into production and change stuff. If I tell the developer what the password is, it defeats the purpose of changing the password.
However, I like the idea of hiding it in the registry. That can open up several possibilities.
Arthur Received on Thu Dec 09 2004 - 11:20:13 CST
 |
 |