|
-
 OPS$ vs Oracle wallet
With the Oracle 10g Oracle had given the power to the users the option to to connect to the database without discolosing the password. To me it poses a great level of security threat. Earlier, you had the OS authenticated accounts. In these cases you had the ability to control where these executions can be carried from, i.e from the server or form the remote OS. Hence it was a peace of mind from the prespective that as long as the server that you manage is secured. With the advent of Oracle wallet on 10g, the client had been given the ablitiy to setup a wallet and have the connection established to the database without the username or password. This would work great for those who run the batch scripts. But this also posess a great threat, that if that client's system were to be compromised, this would allow the connection to the database be established without even having to know what the username and password to the database. Adding to this fear, is that to know that not all those clients desktops are secured. Hence any one who knows to read the sqlnet.ora file can start probing the database and may eventually gain access legitimately.
So, my main interest is that is there a way one could have some control on these kind of access, like the ones we have for OPS$.
Thanx,
Sam
Last edited by sambavan; 04-05-2007 at 04:19 PM.
Thanx
Sam
Life is a journey, not a destination!
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
Click Here to Expand Forum to Full Width
|
Reply With Quote