|
||
|
Title: password for listener still needed? Post by Pete Finnigan on Sep 22nd, 2005, 3:07pm Hi, In 10g the listener is by default protected: lsnrctl status .... Security ON: Local OS Authentication ... This means that only oracle (and maybe other in the dba/oinstall group?) can stop/start the listener. In older oracle releases (7,8, and 9i) I allways use a password to protect the listener and so I did for my new 10gr2 installation and when I ask for the status of the listener I get: ... Security ON: Password or Local OS Authentication ... But now I'm wondering if it is a good idea. If some other ordinary user gets to know my listener password he/she can stop it by doing a 'set password' first. So my preliminary conclusion is that a listener without a password is safer! Is this true or am I missing something? regards, Ivan |
||
|
Title: Re: password for listener still needed? Post by Pete Finnigan on Sep 22nd, 2005, 6:19pm Ivan your assumption is correct. A 10g listener with password is less secure then a listener without password protection. Setting a password in 10g allows every user with the listener password to administer the listener, see also http://metalink.oracle.com/metalink/plsql/ml2_documents.showDocument?p_database_id=NOT&p_id=260986.1 Regards Alexander ------ |
||
|
Powered by YaBB 1 Gold - SP 1.4! Forum software copyright © 2000-2004 Yet another Bulletin Board |