Oracle Tips by Burleson
Chapter 4 General Oracle Security
.retrieve_password.sh | sqlplus -s judy @report
The program retrieves the password and feeds it to the sqlplus executable on standard input. Running ps -aef at the UNIX prompt will not show the password.
Tip: Make sure that no one types any kind of password on the command line. If a password must be supplied to a program started from the command line, store it in a secured file and use redirection to feed it to the program.
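The difference the tip describes can be checked directly. The following is an added example, not code from the book: it starts a stand-in for sqlplus both ways and inspects what the process table exposes. The name client, the function names and the password file are assumptions made for the illustration.

```shell
#!/bin/sh
# Added example, not from the book. "client" is a hypothetical stand-in
# for sqlplus; the user name judy is the page's.

# argv_of PID: the argument vector the process table exposes for PID,
# which is what any local user sees in `ps -aef`.
argv_of() {
    if [ -r "/proc/$1/cmdline" ]; then
        tr '\0' ' ' < "/proc/$1/cmdline"
    else
        ps -o args= -p "$1"
    fi
}

# exposed SECRET PID: succeeds if SECRET is visible in PID's argv.
# Uses shell builtins only, so the check itself never puts SECRET in argv.
exposed() { case "$(argv_of "$2")" in *"$1"*) return 0 ;; *) return 1 ;; esac; }

# weak_launch USER SECRET: the practice the tip warns against, with the
# password typed as an argument. Sets LAST_PID.
weak_launch() {
    sh -c 'sleep 3; :' client "$1/$2" >/dev/null 2>&1 &
    LAST_PID=$!
}

# safe_launch USER PWFILE: the tip's form. The password stays in a file
# only its owner can access and reaches the client by redirection.
safe_launch() {
    if [ ! -O "$2" ] || [ "$(ls -ld -- "$2" | cut -c5-10)" != "------" ]; then
        echo "refusing $2: must be yours, with no group/other access" >&2
        return 1
    fi
    sh -c 'read -r pw; sleep 3; :' client "$1" < "$2" >/dev/null 2>&1 &
    LAST_PID=$!
}

# check_both PWFILE: launch both forms, report what the process table shows.
check_both() {
    secret=$(cat "$1")
    weak_launch judy "$secret"; sleep 1
    exposed "$secret" "$LAST_PID" && echo "argv: password visible"
    kill "$LAST_PID" 2>/dev/null || :
    safe_launch judy "$1" || return 1; sleep 1
    exposed "$secret" "$LAST_PID" || echo "stdin: password not visible"
    kill "$LAST_PID" 2>/dev/null || :
    return 0
}
```

Create the password file under umask 077 and pass its path to check_both; safe_launch refuses a file that group or other users can access.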
User Access Control
Once the machine is physically secured and the firewalls are protected, the next area of exposure is database access. Users need access to the database to perform their job functions.
When users wish to connect, the database makes sure that they are indeed authorized to access it, a process known as authentication. This can occur in several ways: the users can be defined as users in the database and then authenticated, or they may have been authenticated elsewhere, with their credentials passed on to the database as valid.
There are two ways the database authenticates users:
- By password
- By OS authentication
Let us discuss how they are different.
By Password
A user is created in the database with a password, as in the following SQL command.
create user judy
The above text is an excerpt from the bestselling book: Oracle Privacy Security Auditing.