Oracle FAQ | Your Portal to the Oracle Knowledge Grid |
Home -> Community -> Usenet -> c.d.o.server -> Re: 9iDB Security Hole?
"Pete Sharman" <peter.sharman_at_oracle.com> wrote in message
news:a9heb9010af_at_drn.newsguy.com...
> In article <3cbbfa1a$0$15478$afc38c87_at_news.optusnet.com.au>, Nuno says...
> >
> >In article <3CBBC7ED.5CC5241B_at_oracle.com>, you said (and I quote):
> >>
> >> Don't try this at home without adult supervision:
> >
> >
> >Hehehe! Bugger!
> >Hmmm, been finding a few weird ones too. Mainly to do with using
> >functions in SQL and null values that should be returned by them. Weird,
> >very weird...
> >Roll on Release 2?
>
> Yep, it's a known bug with the ANSI syntax (bug ID from HJR 2121935),
fixed in
> the next release (well, 9.2 anyway). Here's your proofpoint:
>
> SQL*Plus: Release 9.2.0.1.0 - Production on Tue Apr 16 07:30:31 2002
>
> (c) Copyright 2001 Oracle Corporation. All rights reserved.
>
> SQL> connect / as sysdba
> Connected.
> SQL> create user us1 identified by us1;
>
> User created.
>
> SQL> grant create session To us1;
>
> Grant succeeded.
>
> SQL> connect us1/us1
> Connected.
> SQL> select a.userid, a.password
> 2 from sys.link$ a left outer join sys.link$ b on b.name= a.name ; from
> sys.link$ a left outer join sys.link$ b on b.name= a.name
> *
> ERROR at line 2:
> ORA-00942: table or view does not exist
just for completeness what happens if you also grant create view to us1?
-- Niall Litchfield Oracle DBA Audit Commission UKReceived on Tue Apr 16 2002 - 15:10:34 CDT