Trying to find the original db_link session connection

Hi

Here on my company we have a script to find unauthorized connections. No user have permission to connect, using SQL*Plus, TOAD and so on, with a generic login in a production database. These tools are permitted to use, bu a user can only connect with her/his personal oracle user, using her/his OS user.

Our script have a problem: db_links. Suppose that one user connects, using SQL*Plus, with a not authorized login L1 in A database, and, with a db_link, he/she connects in a not authorized login L2 in B database. Our monitoring script will detect both connections. Thatīs because the module and OSUSER information will be "exported" to the L2 connection data in V$SESSION.

But letīs suppose that one user connects, using SQL*Plus, with his/her personal authorized login in A database. The he/she access the O object in owner L1 in A database. The O objects (for example, a view) as a db_link, that connects to login L2 in B database.

The first connection, in A database, will not be found by our monitoring script. And thatīs correct, because itīs an authorized connection. But the second connection, L2 in B database, will be gotten by the script, as this connection has OSUSER and MODULE data from first connection, and USERNAME L2.

Is there a way to know the name of the USERNAME from the original session, when a session is a db_link session?

Best regards,
Luis Santos Received on Fri Oct 06 2006 - 09:37:04 CDT