Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Usenet -> c.d.o.server -> Re: Restricting internal access to users.

Re: Restricting internal access to users.

From: Daniel Morgan <damorgan_at_exxesolutions.com>
Date: Mon, 11 Aug 2003 17:18:24 -0700
Message-ID: <3F383250.5B6738C8@exxesolutions.com> 





jiju wrote:



> hello,

>

> How do I restrict internal account access to database users? I created

> a user called user1 and granted him connect and resource privileges.

> Now after I connect as user1, I tried 'connect internal' and I get

> connected to the database as 'SYS' which is dangerous. How can I

> restrict this such that when user1 tries to 'connect internal' it will

> prompt for the password. Please help.

>

> Thanks in advance.

>

> jiju




Log on as SYS and perform the following:



DROP ROLE connect;


DROP ROLE resource;


DROP ROLE dba;



That is what Oracle recommends.



Now create specific roles that relate to what people actually do and
assign those to your users.


--
Daniel Morgan
http://www.outreach.washington.edu/extinfo/certprog/oad/oad_crs.asp
damorgan_at_x.washington.edu
(replace 'x' with a 'u' to reply)


Received on Mon Aug 11 2003 - 19:18:24 CDT












Original text of this message













  HOME |
  ASK QUESTION |
  ADD INFO |
  SEARCH |
  E-MAIL US