Call: +44 (0)1904 557620 Call
Blog

Pete Finnigan's Oracle Security Weblog

This is the weblog for Pete Finnigan. Pete works in the area of Oracle security and he specialises in auditing Oracle databases for security issues. This weblog is aimed squarely at those interested in the security of their Oracle databases.

[Previous entry: "Three great papers on shell codes and encoding and decoding"] [Next entry: "Edwards next post in the series of catpatch.sql issues."]

Next Edward Stangler post in the missing catpatch.sql series



In his next post in this series Ed talks about missing password files. Edward starts by talking about the fact that you can no longer connect internal in 9i and you can no longer connect just as SYS without AS SYSDBA. He demonstrates that any user granted SYSDBA is connected to the database as SYS.

Then Edward gets onto the issue for this post, that fact that if you have upgraded to 9i then you can no longer connect as sysdba whilst specifying a TNS alias in the connect string. The issue is the subject of his post, a missing password file. Ed covers AS SYSDBA, password files, orapwd and how remote privileged connections work very well. This is a great short article and again it’s available here.