
RE: DBA's as idiots

  • From: M Rafiq <rafiq9857@xxxxxxxxxxx>
  • To: <rjoralist@xxxxxxxxxxxxxxxxxxxxx>, Oracle-L Freelists <oracle-l@xxxxxxxxxxxxx>
  • Date: Mon, 2 Jun 2008 18:50:43 -0400
This is quite true in most vendor-provided/supported applications. They 
still use default passwords everywhere in their application code and never 
agree to change them, regardless of security holes. On top of that, those applications 
are treated as 'validated applications' in the pharma industry, so no access is 
given to change them.
 
Regards
Rafiq

> Date: Mon, 2 Jun 2008 16:40:43 -0500
> Subject: Re: DBA's as idiots
> From: rjoralist@xxxxxxxxxxxxxxxxxxxxx
> To: oracle-l@xxxxxxxxxxxxx
>
> I called a vendor out on that situation once. While they didn't grant DBA
> to their application schema, they did explicitly (and inexplicably) grant
> SELECT on USER$ to it. When the vendor profusely denied my assertion that
> their app schema had DBA privs, I offered to show them how, but not before I
> was labeled an obstructionist. Silly security is such an obstruction!
>
> My offer never was accepted. It's unfortunately still probably that way
> today. Hopefully those with the app password don't know how to Google...
>
> Rich
>
> > I have been on both sides of that conversation. And I have been where this
> > DBA may well have been, that is, coming up on an implementation date, getting
> > ready to go live with real data, and no one, especially the vendor, has
> > bothered to document the reason for all those privileges (like DBA on
> > occasion) granted to the application user. And when everyone is too busy to
> > document why privileges have been granted, I have often been tempted to do
> > what this DBA appears to have done, that is, revoke all privileges until
> > someone can explain why they have been granted. Wanting to keep my job, I
> > have never actually done this, but I have often been tempted.... Though in
> > these days of Sarbanes-Oxley, I could definitely see it happening more
> > often. I would rather explain why privileges were revoked today, than
> > explain to an accountant 6 months down the road why the privileges were
> > granted in the first place.
>
> --
> http://www.freelists.org/webpage/oracle-l