|
Kevin,
That has been my point in the past. It
is really not feasible to establish connection policy this way.
For example: anybody can change the
name of the sqlplus.exe executable on their desktop, run it, and connect to the
database. v$session.program now reports the new executable name - not
sqlplus.
The same goes for any tool on the desktop -
including odbc connections.
Security policy has to start at the
account/password level.
Tom Mercadante
Oracle Certified Professional
|
- methodology to keep only certain programs to con... JOE TESTA
- RE: methodology to keep only certain progra... Mercadante, Thomas F
- RE: methodology to keep only certain progra... Shaw John-P55297
- RE: methodology to keep only certain progra... Thomas Day
- RE: methodology to keep only certain progra... Lord, David - CSG
- RE: methodology to keep only certain progra... Fink, Dan
- RE: methodology to keep only certain progra... Kirsh, Gary
- RE: methodology to keep only certain progra... Kevin Lange
- RE: methodology to keep only certain progra... Nastase, Mr. C. (Catalin)
- Re: methodology to keep only certain progra... Mercadante, Thomas F
- Re: methodology to keep only certain progra... Jared . Still
- Re: methodology to keep only certain progra... JOE TESTA
- Re: methodology to keep only certain progra... Glenn Stauffer
- Re: methodology to keep only certain progra... Stephane Faroult
- RE: methodology to keep only certain progra... Markham, Richard
- Re: methodology to keep only certain progra... Stephane Faroult
- RE: methodology to keep only certain progra... Kevin Lange
- RE: methodology to keep only certain progra... Thomas Day
- RE: methodology to keep only certain progra... Jared . Still
- RE: methodology to keep only certain progra... Jamadagni, Rajendra
