My listener status shows:
Security ON: Local OS Authentication
I want to switch it to OFF. Can you help me?
This must be output from a 10g listener since that was the first release that Oracle introduced the local OS authentication protection for listener configuration.
Metalink NOTE 260986.1 offers some explanation about this feature, but the 10g documentation set does not mention this new functionality (at least I didn't find it). Here's a snippet from the NOTE:
In Oracle10g, the TNSListener is secure out of the box and there should not be a need to set a listener password as in older versions of the Oracle listener. The 10g listener now uses local OS authentication. As long as one runs lsnrctl as the same user as the running listener they will be able to fully administer it without providing the password. This security feature is enabled by default...
Furthermore, if you use the "old" way of securing the listener by assigning a password, the output from the status command will show the following:
Security ON: Password or Local OS Authentication
There is no way to disable the new Local OS Authentication done by the listener and I'm not sure why one would consider this a security risk since it is generally presumed that if someone is able to access the account that is running the listener, they should also have the proper privilege level to modify that listener's configuration or stop it. Most applications, including Oracle, presume that you have reasonable standards for operating system security.
Dig Deeper on Oracle database security
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.