Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Usenet -> c.d.o.misc -> Re: New Secure Application Role features in 9i

Re: New Secure Application Role features in 9i

From: Jeff Rimland <unclejcr_at_yah_REMOVE_THIS_PART_oo.com>
Date: Fri, 30 May 2003 12:48:13 GMT
Message-ID: <hqIBa.1484$cp6.1163378@news1.news.adelphia.net> 






>

> It is the same basic reason why checking v_$session for application name

is


> effective unless you give crackers a chance to play around and try to

figure out


> why they were locked out.




Do you know if there is any way to capture the application's unique Program
ID instead of the application name?  That way a malicious programmer
wouldn't be able to just create another app with the same name...



>

> 90+% of security is not letting anyone know how your security has been

> implemented. They can't defeat what they don't know exists.

>




very true!



> --

> Daniel Morgan

> http://www.outreach.washington.edu/extinfo/certprog/oad/oad_crs.asp

> damorgan_at_x.washington.edu

> (replace 'x' with a 'u' to reply)

>

>

Received on Fri May 30 2003 - 07:48:13 CDT












Original text of this message













  HOME |
  ASK QUESTION |
  ADD INFO |
  SEARCH |
  E-MAIL US