Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Mailing Lists -> Oracle-L -> Re: Using DD to Read Data from Oracle Datafiles

Re: Using DD to Read Data from Oracle Datafiles

From: Nuno Souto <dbvision_at_iinet.net.au>
Date: Fri, 9 Feb 2007 15:12:36 +1100
Message-ID: <1170994356.45cbf4b4236ee@mail.iinet.net.au> 





Quoting rjamya <rjamya_at_gmail.com>:



> 

> You can make sure that

> 1. any normal user can't get to the raw (or cooked) datafiles.

> 2. They don't have access to 'dd' command

> 

> in addition to whatever else that you are doing.

> 

> rjamya

> 

> On 2/7/07, Naqi Mirza <naqimirza_at_yahoo.com> wrote:

> >

> > Thanks Steve, the files will be offline and one of the main purposes of

> > this is to show that data, can be read out of an oracle datafile by a

> > malicious user (sure specifying the count and skip could take some doing

> by

> > a hacker, but its still possible). Even with vpd and label security the

> dba

> > (the insider threat) could still get access to this data. This is one of

> the

> > reasons of pushing the use of TDE at a site - need to check and confirm if

> > this same information is encrypted in the datafiles.

> > Thanks.






Ins't all this precisely what OS restricted shells were created for?
Or has everyone forgotten about them?


-- 
Cheers
Nuno Souto
from windy Sydney
--
http://www.freelists.org/webpage/oracle-l


Received on Thu Feb 08 2007 - 22:12:36 CST












Original text of this message













  HOME |
  ASK QUESTION |
  ADD INFO |
  SEARCH |
  E-MAIL US