RE: Passwords in DBA_USERS (Oracle 12c)

From: Dimensional DBA <dimensional.dba_at_comcast.net>
Date: Wed, 6 Jul 2016 21:31:41 -0700
Message-ID: <016201d1d808$763be5f0$62b3b1d0$_at_comcast.net>

Seems to be a lot of churn about nothing. The column is still documented in various versions of the documentation and it is documented that it is deprecated or has a different meaning.

11.1

https://docs.oracle.com/cd/B28359_01/server.111/b28320/statviews_5073.htm

11.2

https://docs.oracle.com/cd/E11882_01/server.112/e40402/statviews_5081.htm#REFRN23302

12.1

https://docs.oracle.com/database/121/REFRN/GUID-309FCCB2-2E8D-4371-9FC5-7F3B10E2A8C0.htm#REFRN23302

If you speak of spare4 in user$ that is not a part of the formal published data dictionary so changes are not documented to the public by Oracle. If you look at the access rights of “SELECT ANY DICTIONARY” you will find none of the base $ tables are viewable, meaning Oracle does not consider them to be a part of the data dictionary, but a part of the RDBMS engine itself.

Reasons for leaving the password column in dba_users could be as simple as backwards compatibility for a variety of applications that queried for those columns in the dba_users view. I know of many BPM applications that consume that information even though it is no longer populated. Easier to leave a NULL column in then remove it and have 1000’s of clients not want to upgrade to your latest version of the database because you will break their other vendor tools.

CAGE 7J5S7 Dimensional.dba_at_comcast.net

<http://www.linkedin.com/pub/matthew-parker/6/51b/944/> View Matthew Parker's profile on LinkedIn

www.dimensionaldba.com <http://www.dimensionaldba.com/>

From: oracle-l-bounce_at_freelists.org [mailto:oracle-l-bounce_at_freelists.org] On Behalf Of Andy Klock Sent: Wednesday, July 6, 2016 8:39 PM
To: Mladen Gogala
Cc: oracle-l
Subject: Re: Passwords in DBA_USERS (Oracle 12c)

Important how? I find it absurd that this capability is still even possible. As others have noted this was changed in 11g.

User Passwords Are No Longer Visible In DBA_USERS As Of 11g (Doc ID 735651.1)

The column is deprecated in the manual:

https://docs.oracle.com/cd/E11882_01/server.112/e40402/statviews_5081.htm#REFRN23302

Thanks,

Andy K

On Wed, Jul 6, 2016 at 8:41 PM, Mladen Gogala <gogala.mladen_at_gmail.com> wrote

Hi Ricardo,
I know that SPARE4 is SHA version of the password hash, but my point was more to clarify why was it done, and even more importantly, why wasn't such an important change documented? It is also possible to extract the hash using DBMS_METADATA.GET_DDL. I have solved my original problem, that's not the point.

Regards

--

Mladen Gogala
Oracle DBA
Tel: (347) 321-1217 <tel:%28347%29%20321-1217>

--

http://www.freelists.org/webpage/oracle-l

--

http://www.freelists.org/webpage/oracle-l Received on Thu Jul 07 2016 - 06:31:41 CEST

This message: [ Message body ]
Next message: Chris Taylor: "Re: Passwords in DBA_USERS (Oracle 12c)"
Previous message: Mladen Gogala: "Re: Passwords in DBA_USERS (Oracle 12c)"
Next in thread: Chris Taylor: "Re: Passwords in DBA_USERS (Oracle 12c)"
Reply: Chris Taylor: "Re: Passwords in DBA_USERS (Oracle 12c)"
Maybe reply: Deas, Scott: "RE: Passwords in DBA_USERS (Oracle 12c)"
Reply: Chris Taylor: "Re: Looking for Suggestions - 5 TB DB WHSE Backup options"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ]

Original text of this message