Oracle FAQ | Your Portal to the Oracle Knowledge Grid |
Home -> Community -> Usenet -> c.d.o.misc -> Re: Security Implications of using DBMS_JOB
On 19 Dec 2005 10:03:27 -0800, "Jimbo1" <nightfanguk_at_yahoo.co.uk>
wrote:
>If anybody reading this feels they can contribute anything else to
>support my arguments (or the site DBA's), please feel free to
>contribute.
1 cron jobs usually consists of scripts with hardcoded passwords.
Even worse: the password might be identical to the username, and the
account having DBA privilege.
This means: anyone who is capable to get into the server only once,
and grasp this info, can do anything.
2 cron jobs result in e-mail, which has to be maintained
3 jobs submitted through the dbms_job mechanism are being rerun
automatically 16 times before they are considered broken.
-- Sybrand Bakker, Senior Oracle DBAReceived on Mon Dec 19 2005 - 12:47:41 CST