Ask the Expert

Database security when users can connect without password

If you give sys / as sysdba it will connect to the database directly, so how can we give security to our database? By creating the password file, but after creating the password file it also will connect to the database using the above. How can we secure that one?

    Requires Free Membership to View

The only way you can connect to the database without a password (connect / as sysdba) is to be a member of the 'dba' group in Unix/Linux or the ORA_DBA group in Windows. So make sure users are not part of these groups. If someone other than the DBA needs DBA access to the database, then use the password file to grant them the appropriate access.

This was first published in July 2007

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: