Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Usenet -> c.d.o.misc -> Re: Database Links expose passwords

Re: Database Links expose passwords

From: Daniel Morgan <dmorgan_at_exesolutions.com>
Date: Fri, 14 Jun 2002 19:07:05 GMT
Message-ID: <3D0A3ECF.B027335@exesolutions.com> 





Forte Agent wrote:



> We have a schema S1 in database D1 which is shared by developers.

> Developers know its password.  We also have a schema S2 in database

> D2, which is restricted.  However, the developers using S1 schema in

> database D1 need to access tables in S2 schema of database D2, using a

> database link.  If we create a database link in S1 schema, they will

> be able to see password of S2 by simply running "select * from

> user_db_links;".  How can we set up a database link between D1

> database and D2, so that S1 schema can read tables in S2 without

> exposing password of S2 schema?  Thank you in advance.




Depends on how your DBA creates the link.



And I emphasize DBA because you seem to rather obviously have a security
violation in that you grant people the CONNECT role rather than dumping it
for the security violation it is and granting people CREATE SESSION. The
CONNECT role allow the creation of DB Links which, I think is ridiculous.



Anyway. Drop the current link and have SYS recreate it as either a link
for Current User or Connected User rather than as Fixed User.



Daniel Morgan
Received on Fri Jun 14 2002 - 14:07:05 CDT












Original text of this message













  HOME |
  ASK QUESTION |
  ADD INFO |
  SEARCH |
  E-MAIL US