Security Question
From: Newman, Christopher <cjnewman_at_uillinois.edu>
Date: Thu, 5 Feb 2009 10:55:23 -0600
Message-ID: <565F609E6D736D439837F1A1A797F34101C6F36B_at_ADMINMAIL1.ui.uillinois.edu>
Pete Finnigan recently (yesterday) wrote a blog entry regarding instrumentation and security
(http://www.petefinnigan.com/weblog/entries/index.html) . In one section it states "...Imagine that most users have the ALTER SESSION system privilege and therefore they can dump data blocks; imagine that we have secure some data in the table using VPD; this same method allows bypass of VPD."
Date: Thu, 5 Feb 2009 10:55:23 -0600
Message-ID: <565F609E6D736D439837F1A1A797F34101C6F36B_at_ADMINMAIL1.ui.uillinois.edu>
Pete Finnigan recently (yesterday) wrote a blog entry regarding instrumentation and security
(http://www.petefinnigan.com/weblog/entries/index.html) . In one section it states "...Imagine that most users have the ALTER SESSION system privilege and therefore they can dump data blocks; imagine that we have secure some data in the table using VPD; this same method allows bypass of VPD."
It was my understanding that ALTER SYSTEM was needed to dump blocks, *not* ALTER SESSION. Can anyone clarify?
Thanks - Chris
-- http://www.freelists.org/webpage/oracle-lReceived on Thu Feb 05 2009 - 10:55:23 CST