Re: create database link identified by values?
From: Maxim Demenko <mdemenko_at_gmail.com>
Date: Fri, 28 Aug 2009 15:42:08 +0200
Message-ID: <4A97DEB0.5060506_at_gmail.com>
Mark D Powell wrote:
> On Aug 27, 1:26 pm, joel garry <joel-ga..._at_home.com> wrote:
>
> Definitely version dependent. Using a 9.2.0.6 exp dmp file I can grep
> out the database link create and the password is in plain text. The
> password is available to the DBA via the interal base table sys.link$
> in plain text.
>
> With 10g the same commands show that Oracle switched to using an
> identified by values type format with database links just as it does
> for users. On 10g the password in link$ is a hashed value.
>
> HTH -- Mark D Powell --
>
Date: Fri, 28 Aug 2009 15:42:08 +0200
Message-ID: <4A97DEB0.5060506_at_gmail.com>
Mark D Powell wrote:
> On Aug 27, 1:26 pm, joel garry <joel-ga..._at_home.com> wrote:
>> On Aug 27, 7:07 am, "Michel Cadot" <micadot{at}altern{dot}org> wrote:
>>
>>
>>
>>
>>
>>> "hehehe" <m..._at_m.ccc> a écrit dans le message de news: h763b0$1tn..._at_news2.ipartners.pl...
>>> | Hello!
>>> |
>>> | It`s possible? When a get from dba_users hash password id like to create
>>> | database link with this password like this :
>>> | create database link connect to 'test' identified by values '1234124213'
>>> | using 'test';
>>> |
>>> | But if i try its is possible but when i create new user
>>> |
>>> | create user test identified by values '2134123123231' profile wer;
>>> | its works
>>> |
>>> | regards - MJ
>>> |
>>> |
>>> No it is not possible.
>>> Regards
>>> Michel
>> Not in dba_users, but if I grep for "DATABASE LINK" in a full rows=N
>> export, I see something just like that, it is different than the user
>> password on the linked db.
>>
>> But...
>> select passwordx from KU$_DBLINK_VIEW;
>>
>> Version dependent, I would guess.
>>
>> jg
>> --
>> _at_home.com is bogus.
>> Not only offensive, but isn't that a Mac...?http://www.cnn.com/2009/TECH/08/26/microsoft.ad.gaffe/index.html?iref...- Hide quoted text -
>>
>> - Show quoted text -
>
> Definitely version dependent. Using a 9.2.0.6 exp dmp file I can grep
> out the database link create and the password is in plain text. The
> password is available to the DBA via the interal base table sys.link$
> in plain text.
>
> With 10g the same commands show that Oracle switched to using an
> identified by values type format with database links just as it does
> for users. On 10g the password in link$ is a hashed value.
>
> HTH -- Mark D Powell --
>
The use of "identified by values" in create database link statement is intended for export/import internal routines and not for end user as stated in Doc. Id. 456320.1 . Additionally (mentioned in the same note) password hashes used in "create database link" statement are encrypted (from 10.2 onwards) and not equal to hashes visible in dba_users .
However, if you retrieve the "create database link" statement from existing database links using dbms_metadata - you get a suitable for dblink creation (encrypted) password hash.
Best regards
Maxim Received on Fri Aug 28 2009 - 08:42:08 CDT