|
|
>> Define "DBA tasks".
>
> User admin (granting access and such), troubleshooting, table layout and
> design (sounds like you probably weren't involved in this last bit, with
> one application that was vendor-supplied).
No user admin; rather than use Oracle's extensive security features,
this crappy little VB app chose to defeat Oracle's security and
implement all the security in the application itself.
In other words, the VB app connects to the database with username
"database" and password "blue198". The app itself then decides what data
it will or won't let the user see. But if you open up a copy of the
Oracle SQL console and use the same username and password, you have
unlimited access to the entire DB. (And I *mean* write-access!)
Even more amusingly, the user information is stored in an Access
database file. Why the hell that table isn't in the Oracle DB is beyond
me. Every now and then the Access DB would get "corrupted", and I'd have
to try to fix it. (Usually by just restoring it from backup.)
Presumably the reason for this stupidity is that the VB app works with
Oracle *and* SQL Server, which presumably have utterly different
security systems... Even so, really dumb design!
>> What else is there?
>
> Troubleshooting if it breaks comes to mind.
Well, yeah, there is that.
The documentation doesn't actually *explain* how half of this stuff
works, and the company that makes it got bought half way through our
using it, so...
Post a reply to this message
|
|