-
Oracle CIS Hardening Standards for UNIX
I am in the midst of applying, or not, company mandated hardening standards for our Oracle databases. One of the items being pushed on us is the following;
=========================================================
For Unix systems, create unique user accounts for
each Oracle process/service in order to differentiate
accountability and file access controls. The user for the
intelligent agent, the listener, and the database must be
separated.
=========================================================
Our site has all basic database and related components installed, owned and controlled by the UNIX Oracle account. Has anyone out there ever applied the above from scratch/fresh installs or even migrating existing installs like mine? As I don;t want to apply this snippet, I'll take any technical arguments ya'll can give me to avoid said implementation.
Thanks mucho'.
rob
-
-
-
sudo
What is normally done is that each person will login with own account (or his/her network account) and sudo to the oracle account, that keeps a record of logins per person.
"The person who says it cannot be done should not interrupt the person doing it." --Chinese Proverb
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
Click Here to Expand Forum to Full Width
|