08-27-2015
This does not make much sense to me.
If a user has access to a database through code, and the user can develop & run his own code against the database then your security is the problem. PROD databases are not supposed to allow that. Block the user either at the source or at the oracle login.
Try:
1. move the user to another box that cannot access PROD or whatever
2. change tnsnames.ora - stop everyone
3. create two client oracle directory trees. The only difference is the tnsnames.ora in one tree does not allow the DB box/or users you want to block. Set up the problem user in a group, such that he uses the limited directory and cannot see the other. In other words effectively change ORACLE_HOME for him/her.
DBI used to require an ODBC license from oracle. Put the problem user in a group that cannot activate the license file. You can also remove/delete/uninstall the DBI code from the perl install. You can also put the DBI pm files in a directory some users cannot read. So they cannot excute perl DBI.
You know, if you told us what the actaul problem was instead of asking how to implement a really unusual off-the-wall kind of fix, we could help.
I'm sure you know that trying to block DBI acess to oracle from another server pretty much means nobody on the non-db server will be able to use it. You can disable DBI locally, on the remote server, not remotely on the DB server.
10 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
I am very new to all of this. I tcsh into a Unix box at work. I receive "hints" from a guy here at work that is helping me without doing everything for me.
I need to use rx display to x connect to a remote host. I then need to tell the machine (unsure if he meant mine or the box I connected... (2 Replies)
Discussion started by: noobie_doo
2 Replies
2. UNIX for Advanced & Expert Users
Hi:
Can i access my Linux Box from a remote machine, Login and Run a program(eg: netscape) in a particular display number.
Assuming i do not have XServer running in my machine
Appreciate the help
Thanks,
Preetham. (5 Replies)
Discussion started by: preetham
5 Replies
3. Shell Programming and Scripting
Hello all,
I connect usually to one enviornment "dev" daily and then ftp some files to some other enviorment "uat" and then login to "uat" and run some scripts to process these files.
I was thinking to automate the process, where running one script from "dev" will complete all task required... (11 Replies)
Discussion started by: RishiPahuja
11 Replies
4. Shell Programming and Scripting
Hi,
I am new to Shell Scripting. Can anybody help me in writing a Script Which Could Login from a Unix box to a Remote Unix box which accepts the user credentials automatically and display the result for checking the Disk Space Utilisation (Without running any SSH agent). (1 Reply)
Discussion started by: ajith_tg
1 Replies
5. SCO
Well... finally I took and old SCO Server and it works fine to keep working my ERP, but now I have a "LITTLE" trouble... with the other server we've made a connection trought TinyTerm with a DYNDNS Domain, in my firewall I noticed that there's a RULE establishing that the IP 192.168.0.1 (Server IP... (4 Replies)
Discussion started by: LIA_RAG
4 Replies
6. Linux
Hello,
I need a tool for remote GUI connection to Linux machine ,something like remote Desktop in windows?????any help
Thanks in advance (4 Replies)
Discussion started by: mm00123
4 Replies
7. UNIX for Dummies Questions & Answers
Hi Everyone,
Good day.
Scenario:
2 unix servers -- A (SunOS) and B (AIX)
I have an ftp script to sftp 30 files from A to B which happen almost instantaneously i.e 30 sftp's happen at the same time.
Some of these sftp's fail with the following error:
ssh_exchange_identification: Connection... (1 Reply)
Discussion started by: jeevan_fimare
1 Replies
8. Shell Programming and Scripting
How can we connect to remote computers with a bash script.? (1 Reply)
Discussion started by: diw10
1 Replies
9. Programming
My issue is that the perl script (as I have done it so far) created empty branches when I try to check some branches on existence.
I am using multydimentional hashes: found it as the best way for information that I need to handle. Saing multidimentional I means hash of hashes ... So, I have
... (2 Replies)
Discussion started by: alex_5161
2 Replies
10. Web Development
Hello,
I need help in Apache to restrict user for number of concurrent connection. its basically related to nagios monitoring site. End user opening N no of tab to monitor and it increase load on server.
any setting will help me here. (3 Replies)
Discussion started by: ghpradeep
3 Replies
LEARN ABOUT DEBIAN
dbd::firebirdembedded
FirebirdEmbedded(3pm) User Contributed Perl Documentation FirebirdEmbedded(3pm)
NAME
DBD::FirebirdEmbedded - embedded Firebird server (and client)
SYNOPSIS
use DBI;
$dbh = DBI->connect("dbi:FirebirdEmbedded:db=$dbname", undef, undef);
# See the DBI module documentation for full details
DESCRIPTION
DBD::FirebirdEmbedded is a variant of DBD::FirebirdEmbedded, linked with the Firebird embedded library, libfbembed. In addition to the
ability to work with remote Firebird servers (which DBD::FirebirdEmbedded has, being linked with the Firebird client library, libfbclient),
DBD::FirebirdEmbedded can be used to work with Firebird databases without the need of a dedicated Firebird server.
The following things should be set up first:
Username/password
These should be unset. Both in the "DBI->connection(...)" call and in the environment ("ISC_USER", "ISC_PASSWORD", "DBI_USER",
"DBI_PASSWORD" variables).
Firebird lock directory
The "FIREBIRD_LOCK" environment variable should be set to some place where the process can write. Note that if you plan for several
processes to access the database file directly, they all should have "FIREBIRD_LOCK" set to the same directory, or else database
corruption will occur.
No "host" in the DSN
Obviously, do not set any host when calling "DBI->connection(...)", not even "localhost".
Permissions to read/write the database
Obviously, the process needs to be able to read/write the database file.
COMPARISON WITH DBD
::FIREBIRD
DBD::FirebirdEmbedded provides exactly the same functionality as the Firebird server of the same version as the libfbembed library. It
still can work with remote datases, in which case the use is exactly the same (DSN, environment) as with the regular DBD::FirebirdEmbedded.
Pros
Standalone work with Firebird databases
No need to setup/administer a Firebird server. All the server functionality is available via the libfbembed library. Shared access to
databases is still possible (but read "Firebird lock directory" above).
No network latency
Working directly with the database file elliminates possible network delays (even if the server is on the local host).
Cons
Memory footprint
The libfbembed library contains a fully functional Firebird server and is therefore bigger than the ordinary client library,
libfbclient.
Setup complexity
It is very important to make sure that all processes that access a given database use the same lock directory. See "Firebird lock
directory" above.
SEE ALSO
DBD::FirebirdEmbedded
perl v5.14.2 2011-11-15 FirebirdEmbedded(3pm)