If the sys password file was chmod 400, only the owner can read it.
And, the next time it has to be changed, it would have to be changed
in a single place to be picked up by any calling script. Crons are
owned by the same userid, so it all works well.
Maybe I'm missing something, but isn't this a cool way to keep control
of passwords? Only the owning logon can see it, and it's only in one place?
-----Original Message-----
From: Gogala, Mladen [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, April 03, 2001 8:26 AM
To: Multiple recipients of list ORACLE-L
Subject: RE: Exp/Imp Fromuser/Touser & Security
Using an "OPS$" user would be much preferred to that. If that user is given
DBA
privilege, it can export/import the full database. Sys password in a file?
Did you schedule a public execution?
-----Original Message-----
Sent: Tuesday, April 03, 2001 10:00 AM
To: Multiple recipients of list ORACLE-L
Hi,
I have a group of developers that need to perform
their own imports of another schema's tables. The
previous DBA created some refresh scripts to do this
but to get around the fromuser/touser issue he created
a dot-file with the password to SYS and reads that
password in within the script. Yikes!!
My question is, is there another "solution" that
doesn't compromise database security? I'm hesitant to
grant the IMP_FULL_DATABASE role to these users.
Any suggestions/feedback would be GREATLY appreciated.
Thanks again!!
-w
__________________________________________________
Do You Yahoo!?
Get email at your own domain with Yahoo! Mail.
http://personal.mail.yahoo.com/
--
Please see the official ORACLE-L FAQ: http://www.orafaq.com
--
Author: Walter K
INET: [EMAIL PROTECTED]
Fat City Network Services -- (858) 538-5051 FAX: (858) 538-5051
San Diego, California -- Public Internet access / Mailing Lists
--------------------------------------------------------------------
To REMOVE yourself from this mailing list, send an E-Mail message
to: [EMAIL PROTECTED] (note EXACT spelling of 'ListGuru') and in
the message BODY, include a line containing: UNSUB ORACLE-L
(or the name of mailing list you want to be removed from). You may
also send the HELP command for other information (like subscribing).
--
Please see the official ORACLE-L FAQ: http://www.orafaq.com
--
Author: Gogala, Mladen
INET: [EMAIL PROTECTED]
Fat City Network Services -- (858) 538-5051 FAX: (858) 538-5051
San Diego, California -- Public Internet access / Mailing Lists
--------------------------------------------------------------------
To REMOVE yourself from this mailing list, send an E-Mail message
to: [EMAIL PROTECTED] (note EXACT spelling of 'ListGuru') and in
the message BODY, include a line containing: UNSUB ORACLE-L
(or the name of mailing list you want to be removed from). You may
also send the HELP command for other information (like subscribing).
