[CLUE-Tech] Sys Admin security and user directory security
Jed S. Baer
thag at frii.com
Mon Dec 17 22:24:12 MST 2001
On Mon, 17 Dec 2001 22:09:47 -0700
Kevin Cullis <kevincu at orci.com> wrote:
> That's what I figured. I guess the only way of ensuring that "financial
> data" (or any other data that needs to be hidden from prying eyes) has
> restricted access is having a program secure it if it's proprietary,
> i.e. using an Oracle DB or something. The issue is not about trusting
> the sysadmin, but a need to know sort of thing.
su - oracle
sqlplus /nolog
connect internal
There, now, I can see everything!
Of course, there is the DBMS.ENCRYPT utilities.
I've heard that SAP is a real bugger to get at using anything but their
application layer. I suspect it's more a case of a really obfuscated data
model than anything else though.
--
"Those who expect to reap the blessings of freedom must, like men,
undergo the fatigue of supporting it."
- Thomas Paine
More information about the clue-tech
mailing list