Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Usenet -> c.d.o.server -> Re: HELP: Read-Only Snapshots (Security)

Re: HELP: Read-Only Snapshots (Security)

From: Martin J. Malley <mmalley_at_radiks.net>
Date: 1998/01/15
Message-ID: <01bd2161$95bd5700$1c9d9ad0@gateway>#1/1

> I am trying to sync two databases by creating Read-Only snapshots in the
> target database.
> As I understand, I also have to create a dblink in the target database
 for
> automatic snapshot refresh. Because of lack of experience, I cannot
 assess
> the security conseqences of
> this approach.
> Lets say, the security of the target database is compromized (the
 intruder
> has access
> to the objects of the user that created the snapshots).
> Does it mean that the security of the source database is also
 compromized?
> (If yes, than in what way?)

The link owner (and snapshot owner) in the target need to have select privileges in the source. If the intruder can assume the identity of the snapshot owner, the source won't know the difference and you may have a compromise problem. What you can do, is to never grant any access directly to the snapshot objects, create views (owned by somebody other than the snapshot owner) on them and only grant on the views. Received on Thu Jan 15 1998 - 00:00:00 CST

Original text of this message

HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US