Security Question

From: Newman, Christopher <>
Date: Thu, 5 Feb 2009 10:55:23 -0600
Message-ID: <>

Pete Finnigan recently (yesterday) wrote a blog entry regarding instrumentation and security
( . In one section it states "...Imagine that most users have the ALTER SESSION system privilege and therefore they can dump data blocks; imagine that we have secure some data in the table using VPD; this same method allows bypass of VPD."

It was my understanding that ALTER SYSTEM was needed to dump blocks, *not* ALTER SESSION. Can anyone clarify?

Thanks - Chris

Received on Thu Feb 05 2009 - 10:55:23 CST

Original text of this message