HTML DB v 1.5 security loophole
From: Mark C. Stock <mcstockX_at_Xenquery>
Date: Fri, 12 Aug 2005 17:52:01 -0400
Message-ID: <lcmdnXYeyJCZh2DfRVn-og_at_comcast.com>
It appears that with HTML DB v 1.5, anyone that has ADMIN privileges on the INTERNAL workspace can get access to every schema in the database (except apparently SYS).
Date: Fri, 12 Aug 2005 17:52:01 -0400
Message-ID: <lcmdnXYeyJCZh2DfRVn-og_at_comcast.com>
It appears that with HTML DB v 1.5, anyone that has ADMIN privileges on the INTERNAL workspace can get access to every schema in the database (except apparently SYS).
I understand this has been fixed in 1.6 and improved in 2.0, but I've not had a chance to check it out in either of those versions.
Has anybody else encountered this?
++ mcs Received on Fri Aug 12 2005 - 23:52:01 CEST