OraFAQ Forum: Security » Multiple users using same login id

Home » RDBMS Server » Security » Multiple users using same login id

Show: Today's Messages :: Polls :: Message Navigator
E-mail to friend

Multiple users using same login id [message #255310]

Tue, 31 July 2007 06:07

nirmalnarayan
Messages: 261
Registered: April 2005
Location: India

Senior Member

When multiple users use same login id to oracle database and perform tasks. How to find out which users, through which system, session logged in and what are the steps that they have performed. Is there any automated tools through can we scan this?

There is any digital signature which we can apply on the tables created by multiple users using same loginid, without the knowledge of these users, while they create the tables and later by checking this digital signature to identify the user who created the table ?

Report message to a moderator

Re: Multiple users using same login id [message #255313 is a reply to message #255310]

Tue, 31 July 2007 06:19

balassvasan
Messages: 3
Registered: July 2007

Junior Member

we can use osuser and machine columns from V$session table and a combination of triggers on tables to record that info. But then say if its a web application through which users operate then you may have to resort to maintaining a user list in your DB and recording that.

Report message to a moderator

Re: Multiple users using same login id [message #255317 is a reply to message #255310]

Tue, 31 July 2007 06:48

Michel Cadot
Messages: 68637
Registered: March 2007
Location: Nanterre, France, http://...

Senior Member
Account Moderator

If users have to be tracked, above all if they have high privileges like managing objects, then they must have different database accounts.

Regards
Michel

Report message to a moderator

Re: Multiple users using same login id [message #255321 is a reply to message #255317]

Tue, 31 July 2007 06:59

nirmalnarayan
Messages: 261
Registered: April 2005
Location: India

Senior Member

they only have less privileges, the problem arises when the tablespace grow and the users drop their tables, and then the they also have to clean up the recyclebin, but should ensure that only the tables dropped by them are purged.

Report message to a moderator

Re: Multiple users using same login id [message #255327 is a reply to message #255321]

Tue, 31 July 2007 07:40

Michel Cadot
Messages: 68637
Registered: March 2007
Location: Nanterre, France, http://...

Senior Member
Account Moderator

To be able to create segments is not a small privilege.
The proof: they can use space and create troubles.
Moreover, if a user can purge others objects in recyclebin they are very privileged.

Regards
Michel

Report message to a moderator

Previous Topic:	Transparent Data Encryption
Next Topic:	How and where to report a vulnerability?

Goto Forum:

-=] Back to Top [=-

[ Syndicate this forum (XML) ] [

]

Current Time: Tue Apr 16 15:50:52 CDT 2024