Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Usenet -> c.d.o.misc -> Security Implications of using DBMS_JOB

Security Implications of using DBMS_JOB

From: Jimbo1 <nightfanguk_at_yahoo.co.uk>
Date: 19 Dec 2005 10:03:27 -0800
Message-ID: <1135015407.630497.229400@g47g2000cwa.googlegroups.com> 





Hello there,



I'm currently working for a company developing applications for a
seperate live site, who do not run batch jobs within the database
because they see it as a "Security Risk".



I've recently completed some work that I personally believe would be
better off being run via the DBMS_JOB package rather than an OS batch
job. I have never encountered this "Security Risk" argument before.



Their argument is that the DBA's on the live system often connect using
OS-authenticated logons. The argument goes that if a hacker managed to
penetrate the network, they would be able to connect to the database
directly as they'd already be authenticated on the network.



Now this to me sounds like a huge security risk, so if they are
prepared to do this, I can't understand what they have against running
DBMS_JOB. Their argument against it is that once the hacker is on the
database, they could then set up 'trojan horse' style batch jobs to
run.



Now, my argument against this is:



    
  
  1.   If they reach the database, they could do a lot of damage anyway,
and what is to stop them using DBMS_JOB as things currently stand? They
can only execute it under the privs of the user they connect as. If
this is the SYS user, then why are we allowing automatic authentication
anyway?!

  
  2.   When the DBA's can routinely monitor which jobs are running via the
DBA_JOBS dictionary view, they could easily see if somebody has created
an erroneous job.

  
  3.   What is to currently stop somebody creating a 'trojan horse' batch
job in the OS, and then by being able to get this job to automatically
connect to the Oracle database, wreak havock in this way. Surely for an
active DBA, this would be harder to spot than an entry in the DBA_JOBS
dictionary view!






>From what I've heard about the DBA team on site ( who I've not actually

met to be fair to them), they seem to be, ahem, 'reluctant'  when it
comes to anything that might disturph their daily routine of minimal
hassle, so I want to be prepared when the politics of my change come up
for discussion.



If anybody reading this feels they can contribute anything else to
support my arguments (or the site DBA's), please feel free to
contribute.



Cheers.



James
Received on Mon Dec 19 2005 - 12:03:27 CST












Original text of this message













  HOME |
  ASK QUESTION |
  ADD INFO |
  SEARCH |
  E-MAIL US