Oracle FAQ | Your Portal to the Oracle Knowledge Grid |
Home -> Community -> Usenet -> c.d.o.server -> Re: Oracle 9i DB Security Hole
In article <3CBEDF46.AA69F910_at_ca.ibm.com>, you said (and I quote):
> Self-control by their main competitor - and it's hard - trust me.
Well done, Serge! Hang in there and I won't tell anyone how I found the administrator password for the UDB server in our office. ;-)
Seriously: I'm quite impressed with the speed with which Oracle fixed this. Not as impressed with their fix for Windoze, though... Oh well, can't have everything.
What gets me is: Oracle obviously paid a lot of money to some companies to get 9i certified for security compliance. How come such a gaping hole sneaked through? What sort of testing for security was really done? One wonders if it is worth spending the $$$ on these "certifications"...
-- Cheers Nuno Souto nsouto_at_optushome.com.au.nospamReceived on Fri Apr 19 2002 - 06:12:59 CDT