DBAsupport.com Forums - Powered by vBulletin
Page 1 of 2 12 LastLast
Results 1 to 10 of 11

Thread: A brain teaser ?

  1. #1
    Join Date
    Jul 2003
    Posts
    323

    A brain teaser ?

    OS:Sol. 2.8
    r:9i.2.0.4

    DBA creates a test user with connect, resource priv !
    the test user then does a

    conn / as sysdba
    >connected

    How to now prevent this i.e any user can conn as sys ?


  2. #2
    Join Date
    Jan 2001
    Posts
    3,134
    Simple...

    SHOOT THE GAWDAMN USER!!

    Next time challenge me please.
    I remember when this place was cool.

  3. #3
    Join Date
    Oct 2002
    Posts
    807
    You're probably authenticating at the OS level.

  4. #4
    Join Date
    Jan 2001
    Posts
    3,134
    Well, this.....
    conn / as sysdba
    >connected

    Has nothing to do with the id created.

    I still say shoot em!!
    I remember when this place was cool.

  5. #5
    Join Date
    Mar 2002
    Location
    Mesa, Arizona
    Posts
    1,204
    Simple solution, "don't do that". Don't let the user connect directly to the server. Change the password. If they know the sys password, change it too.

    Use a client installed program.

    If they try "connect / as sysdba", they'll get "ORA-01031 - Insufficient Privileges"

    Oh, and, yea..., don't forget to submit that TPS report, K
    "I do not fear computers. I fear the lack of them." Isaac Asimov
    Oracle Scirpts DBA's need

  6. #6
    Join Date
    Jan 2001
    Posts
    3,134
    Originally posted by KenEwald

    Oh, and, yea..., don't forget to submit that TPS report, K
    F^&*in A, i'm going home to watch Kung Fu.
    I remember when this place was cool.

  7. #7
    Join Date
    Jul 2003
    Posts
    323

    Gotcha..!!!

    Axr2 - u're right on the dot..turns out the "DBA" is a developer transitioning to the exalted "DBA" role and was su -ing into a user in the dba group and creating the test user !!

    Mr. Hanky - I may have to stop believing in arms control.....!!!


  8. #8
    Join Date
    Aug 2000
    Location
    Jolo, Sulu
    Posts
    639
    Hi friends,

    Is this still true in 10g? (AIX 5L)
    I issued the command under oracle user:

    $ sqlplus / as sysdba
    ORA-01031: insufficient privileges


    Thanks

  9. #9
    Join Date
    Jul 2002
    Location
    Northampton, England
    Posts
    612
    Are you using password file authentication?
    Assistance is Futile...

  10. #10
    Join Date
    Jul 2003
    Posts
    323
    Actually this is what happened, posted yesterday in a hurry:

    DBA creates a test user with connect, resource priv !
    then connects as the test user and does a

    conn / as sysdba
    >connected


Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  


Click Here to Expand Forum to Full Width