Oracle Consulting Oracle Training Oracle Support Development
Home
Catalog
Oracle Books
SQL Server Books
IT Books
Job Interview Books
eBooks
Rampant Horse Books
911 Series
Pedagogue Books

Oracle Software
image
Write for Rampant
Publish with Rampant
Rampant News
Rampant Authors
Rampant Staff
 Phone
 800-766-1884
Oracle News
Oracle Forum
Oracle Tips
Articles by our Authors
Press Releases
SQL Server Books
image
image

Oracle 11g Books

Oracle tuning

Oracle training

Oracle support

Remote Oracle

STATSPACK Viewer

Privacy Policy

 

   
 

Oracle Tips by Burleson

Chapter 4 General Oracle Security

.retrieve_password.sh | sqlplus –s judy @report

The program will retrieve the password and feed it to the sqlplus executable. An execution of ps –aef on the UNIX prompt will not show the password.

Tip:  Make sure that no one types any kind of password in the command line. If passwords need to be passed from the command line, use a secured file to store the password and then use redirection to feed it to the program.

User Access Control

Once the machine is physically secured and the firewalls are protected, the next security vulnerability comes in the area of database access. The users need access to the database to perform their job functions.

When users wish to connect, the database makes sure that they are indeed authorized to access, a process known as Authentication. This can occur in several ways – the users could be defined as users in the database and then authenticated, or they may have been authenticated elsewhere and their credentials are passed on to the database as valid.

There are two ways the database authenticates users:

  • By password
     

  • By OS authentication

Let us discuss how they are different.

By Password

A user is created in the database with a password as in the following SQL command.

create user judy


The above text is an excerpt from the bestselling book: Oracle Privacy Security Auditing It's only $39.95 and has an download of working security scripts:

 

This is the only authoritative book on Oracle Security, Oracle Privacy, and Oracle Auditing written by two of the world’s leading Oracle Security experts.

This indispensable book is only $39.95 and has an download of working security scripts:

 

http://rampant-books.com/book_2003_2_audit.htm

 


Download your Oracle scripts now:

www.oracle-script.com

The definitive Oracle Script collection for every Oracle professional DBA

 

Linux Oracle commands syntax poster

ION Oracle tuning software

Oracle data dictionary reference poster



Oracle Forum

BC Oracle consulting support training

BC remote Oracle DBA   

 

   

 Copyright © 1996 -2016 by Burleson. All rights reserved.


Oracle® is the registered trademark of Oracle Corporation. SQL Server® is the registered trademark of Microsoft Corporation. 
Many of the designations used by computer vendors to distinguish their products are claimed as Trademarks