Re: 9iDB Security Hole?

In article <3cbeb7aa$0$15472$afc38c87_at_news.optusnet.com.au>, Nuno says...
>
>In article <1019115403.14293.0.nnrp-07.9e984b29_at_news.demon.co.uk>, you
>said (and I quote):
>> How many systems still create users with:
>> grant connect to userX identified by passwordX;
>>
>>
>> Despite the fact that roles DBA, RESOURCE
>> and CONNECT have been contra-indicated for the
>> last 5 years or so.
>>
>> The CONNECT role includes the CREATE VIEW
>> privilege.
>
>You're right. I haven't used those in years in production systems.
>Since I found out the hard way one could create synonyms in V7 with just
>CONNECT. Use my own modified versions since then.
>One of the reasons Oracle consultants yell out that I "modify" the
>standard Oracle database dictionary in systems I take care of.
>Well, yes I do. In "little" unimportant things like this...
>
>--
>Cheers
>Nuno Souto
>nsouto_at_optushome.com.au.nospam

Not this Oracle consultant. Every time I've seen someone use these awful roles I try to get them to use their own. As soon as I point out that they're not a one to one mapping with the old v6 functionality, the standard response is "Oh well, won't make much difference". Arghhh!

HTH. Additions and corrections welcome.

Pete

SELECT standard_disclaimer, witty_remark FROM company_requirements; Received on Thu Apr 25 2002 - 12:11:10 CDT