on 2003/3/24 3:25 PM, "Steve Lukshides" <[EMAIL PROTECTED]> wrote:
> Our Oracle DB Admin insists that we run a stored procedure for each
> connection made to the database. I'm not an Oracle DBA so forgive me if
> this explanation is less than clear. As a security measure he expects
> every connection made to the database to call a stored procedure to set the
> application's role. The idea is to prevent someone from logging on to the
> DB through SQL Plus with the user name and password that Torque uses and
> gain rights to use the database. If someone were to discover the
> username/password that Torque uses and then logs on through SQL Plus they
> would not gain any rights until the SP is executed, which they are not
> likely to know and will be difficult to discover.
Ah...isn't inane paranoia wonderful?
=)
-jon
--
StudioZ.tv /\ Bar/Nightclub/Entertainment
314 11th Street @ Folsom /\ San Francisco
http://studioz.tv/
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
