=) yeah, same. Thanks
Dave
On Mon, Sep 14, 2009 at 01:54:25PM -0600, Scott Marlowe wrote:
- Had a similar thing when I was in Chicago about Oracle. Whie oracle
- has some form of auditing, the fact is that any resourceful DBA with
- root access can cover their tracks if they want. Best of luck.
Had a similar thing when I was in Chicago about Oracle. Whie oracle
has some form of auditing, the fact is that any resourceful DBA with
root access can cover their tracks if they want. Best of luck.
On Mon, Sep 14, 2009 at 1:45 PM, David Kerr wrote:
> Right, I agree there are things I can do t
Right, I agree there are things I can do to minimize impact,
but If SAS70 or similar comes in and says w/o superuser auditing
we're not giving you the certification, then that still causes us a
problem.
I don't think it does though, I've gone through SOX and all they
require is "controlled" super
Yeah, I question the intelligence of your security expert in this
situation. As the superuser, I can do nearly anything I please, it's
kind of the point. Now, if he wants you to setup non-superuser roles
to do other stuff, I can understand, but there are some things only
the superuser can do, and
