Database security: personalized accounts at O.S.-level

Database security: personalized accounts at O.S.-level

Attended a workshop about “Oracle database security” (by Frits Hoogland), though the subject  could also be named  like “O.S.-security of an Oracle Database”.  Most of the times the database will be installed by an ‘oracle’ account, and all the DBA’s are using this account for administrative purpose.

Nothing wrong with that, but logging/auditing of this oracle account is modifyable (=useless) and who did what on this machine?
So it’s quite understandable that an organization will choose for personalized, controlled accounts for DBA’s. Quite scary for a DBA by the way, his kingdom and freedom is vanishing…

(more…)

X