Stephen,
The "revealing" of the APPS password on the command line in SQL
was fixed by
patch 1196850 for 11.5 and back-ported to 11.0 and 10.7
See Note 201567.1 on MetaLink
Hemant
At 10:43 AM 17-10-03 -0800, you wrote:
April:
Wanted to chime
in on this one but didn t have time. The APPS p
April:
Wanted to chime in on this one but didn’t have time. The APPS password is generally secure
within the DBA group, HOWEVER, it can be seen by almost everyone that has
access to UNIX or Concurrent Manager. Why? Because it
can be seen from the command line.
Unfortunately, this
"Jay Hostetter" <[EMAIL PROTECTED]>
Sent by: [EMAIL PROTECTED]
10/15/2003 07:29 AM
Please respond to ORACLE-L
To: Multiple recipients of list ORACLE-L <[EMAIL PROTECTED]>
cc:
Subject: Re: Financials and APPS password
Ap
Oracle DBA
Cummins Inc
John Kanagaraj <[EMAIL PROTECTED]>
Sent by: [EMAIL PROTECTED]
10/15/2003 11:34 AM
Please respond to ORACLE-L
To: Multiple recipients of list ORACLE-L <[EMAIL PROTECTED]>
cc:
Subject:RE: Financials and APPS password
Apr
Title: RE: Financials and APPS password
I thought so too. all it really appears to need is select access and select any dictionary. the trace and analysis tools for apps are usually pretty uninvasive... and just do substantial reads.
April Wells
Oracle DBA/Oracle Apps DBA
Corporate
I thought it must be that. You know I've looked at the script and I'll be
damned if I can see why you neeed to be connected as APPS. The argument
seems to be that of the schema owners associated with Oracle Applications
only APPS can be guaranteed to have select access on the DBA_* views.
Note 155
October 15, 2003 8:14 AM
>To: Multiple recipients of list ORACLE-L
>Subject: RE: Financials and APPS password
>
>
>I could be missing something here. If you set the profile option
>"Utilities:Diagnostics" to "YES" users are allowed to enable trace on a
>
Title: RE: Financials and APPS password
sorry... my bad.
The script in question is apparently a trace generation script that is to be run from sqlplus
April Wells
Oracle DBA/Oracle Apps DBA
Corporate Systems
Amarillo Texas
Title: RE: Financials and APPS password
This particular script says it needs apps authority (mostly, select any dictionary which the read only users have)
April Wells
Oracle DBA/Oracle Apps DBA
Corporate Systems
Amarillo Texas
I could be missing something here. If you set the profile option
"Utilities:Diagnostics" to "YES" users are allowed to enable trace on a
session without having to provied the APPS password.
Cheers,
Mike Hately
-Original Message-
Sent: 15 October 2003 14:29
To: Multiple recipients of list
In our shop, the APPS DBA runs traces
as APPS. No one outside of the DBA group has the APPS password. We
use Discoverer and Noetix Views for those users who have to look into the
database outside of the application. Each user logs in as himself;
the DBAs have created roles by business unit and
April,
We lost this battle with our developers - they have the password, along with strict
instructions to "behave."
Nobody else should have the password to any of the schemas (APPS, GL, INV, etc.).
We create logins for users that need them and grant the necessary rights to objects.
As yo
We
have AP,FA,GL,PO,PA,HR and Payroll modules and have setup an account much like
you where they can view the data but using a account different from apps.
However in our test instance which is refreshed periodically the users have the
apps password and do what they like in that instance.
13 matches
Mail list logo
