Very Computer

by **voir e-mai** » Mon, 21 Jun 1999 04:00:00

A database Oracle v. 7.2 is installed on my system which is a Sun network ( O.S. Solaris )
There is an "invisible" user who is set when Oracle launches itself ( "set oracle user =... set oracle passwd = ... ). This user can access to the entire database.
I've built a security policy based on Unix rights, logins and passwords : each user has specific rights on the different datas of the database.
But if one of them can discover the login/password of the "invisible" user, my policy does not match !
My question is : can i use the Oracle v 7.2 database only with my UNIX users ( and remove the oracle default user ), or can i protect (cypher) the login/password of this user ? Some Oracle tools or patch exist for this ?
Thank you,

by **Alan J Rosenth** » Wed, 23 Jun 1999 04:00:00

>Message en plusieurs parties et au format MIME.

Please post in plain text, using a non-mime Content-Type header for charset
information if necessary.

Quote:>There is an "invisible" user who is set when Oracle launches itself ( =
>"set oracle user =3D... set oracle passwd =3D ... ). This user can =
>access to the entire database.
...
>can i protect (cypher) the login/password of this user ?

That account probably can be locked. Use "passwd -l" or change the password
field in /etc/passwd or /etc/shadow to "*" manually. I think you'll find that
everything else still works; you can su to a locked account from root, etc.
Then there ought to be no way for anyone to log in to it.

You don't just want the password to be secret, you want it not to exist.
This is easily accomplished. The entry in the passwd file still gives a
numeric uid corresponding to the name "oracle", and that's all you want
from the "account".

Very Computer

Oracle & Solaris

Oracle & Solaris

Oracle & Solaris