I believe externally identified logins together with remote_os_authent give
rise to a security loophole. Anyone with Oracle installed on their PC could
in theory create a user ops$oracle and then login to your database[s] with
full DBA privs. We use OS authentication but not remote OS authentication
for this reason.
-----Original Message-----
Sent: 20 September 2001 19:50
To: Multiple recipients of list ORACLE-L
There is an init.oram parameter, REMOTE_OS_AUTHENT. which controls this.
Its default value is false. Setting it to true is begging for trouble.
BTW, It's "identified externally" not "identified by externally"
Ian MacGregor
Stanford Linear Acccelerator Center
[EMAIL PROTECTED]
-----Original Message-----
Sent: Thursday, September 20, 2001 10:05 AM
To: Multiple recipients of list ORACLE-L
Hi,
If there is user created using identified by externally, could this user
login to database remotely? If it could, could you please help us?
Thanks,
Jun
--
Please see the official ORACLE-L FAQ: http://www.orafaq.com
--
Author: Feng, Jun
INET: [EMAIL PROTECTED]
Fat City Network Services -- (858) 538-5051 FAX: (858) 538-5051
San Diego, California -- Public Internet access / Mailing Lists
--------------------------------------------------------------------
To REMOVE yourself from this mailing list, send an E-Mail message
to: [EMAIL PROTECTED] (note EXACT spelling of 'ListGuru') and in
the message BODY, include a line containing: UNSUB ORACLE-L
(or the name of mailing list you want to be removed from). You may
also send the HELP command for other information (like subscribing).
--
Please see the official ORACLE-L FAQ: http://www.orafaq.com
--
Author: MacGregor, Ian A.
INET: [EMAIL PROTECTED]
Fat City Network Services -- (858) 538-5051 FAX: (858) 538-5051
San Diego, California -- Public Internet access / Mailing Lists
--------------------------------------------------------------------
To REMOVE yourself from this mailing list, send an E-Mail message
to: [EMAIL PROTECTED] (note EXACT spelling of 'ListGuru') and in
the message BODY, include a line containing: UNSUB ORACLE-L
(or the name of mailing list you want to be removed from). You may
also send the HELP command for other information (like subscribing).
This message is for the named person's use only. It may contain
confidential, proprietary or legally privileged information. No
confidentiality or privilege is waived or lost by any mistransmission.
If you receive this message in error, please immediately delete it and all
copies of it from your system, destroy any hard copies of it and notify the
sender. You must not, directly or indirectly, use, disclose, distribute,
print, or copy any part of this message if you are not the intended
recipient. CREDIT SUISSE GROUP and each of its subsidiaries each reserve
the right to monitor all e-mail communications through its networks. Any
views expressed in this message are those of the individual sender, except
where the message states otherwise and the sender is authorised to state
them to be the views of any such entity.
Unless otherwise stated, any pricing information given in this message is
indicative only, is subject to change and does not constitute an offer to
deal at any price quoted.
Any reference to the terms of executed transactions should be treated as
preliminary only and subject to our formal written confirmation.
--
Please see the official ORACLE-L FAQ: http://www.orafaq.com
--
Author: Lau, John
INET: [EMAIL PROTECTED]
Fat City Network Services -- (858) 538-5051 FAX: (858) 538-5051
San Diego, California -- Public Internet access / Mailing Lists
--------------------------------------------------------------------
To REMOVE yourself from this mailing list, send an E-Mail message
to: [EMAIL PROTECTED] (note EXACT spelling of 'ListGuru') and in
the message BODY, include a line containing: UNSUB ORACLE-L
(or the name of mailing list you want to be removed from). You may
also send the HELP command for other information (like subscribing).
