Re: Database Links and security

From: Michel Lalonde <mla_at_132.203.6.11>
Date: Wed, 4 Aug 1993 12:57:00 GMT
Message-ID: <19930804085744.mla_at_132.203.6.11>


In Article <1993Aug4.004139.2790_at_newsgate.sps.mot.com> "ttg242_at_newton.sps.mot.com (David Thornewill von Essen)" says:
> In article mla_at_132.203.6.11, mla_at_132.203.6.11 (Michel Lalonde) writes:
> >If we create the database link with the 'connect to' option,
> >password changing for those super-users can be managed by a dba
> >but then, anyone who can read the data dictionary ('select any
> >table' is so practical for developers), can read the password ...
> >Is there any known solution ...
> >
> How are they going to read the password??? Only the DBA has access
> to encrypted values of the password (not the password itself), and
> I wouldn't recommend placing production tables in a DBA account,
> or am I missing something??
>
> Regards,
> David TvE
>
> ---
> +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-
> David Thornewill von Essen Sr. Systems Analyst
> Motorola ASIC Division I don't speak for Mot.
> Chandler, AZ-85224 fax: (602) 814-4451
> email: ttg242_at_email.sps.mot.com tel: (602) 814-4395
> +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-
>
>
>
If you have the SELECT privilege on SYS tables or SELECT ANY TABLE, try the following:

select username,password from link


Michel Lalonde                  Tel: (418) 656-3632
Centre de Traitement            Fax: (418) 656-7305
    de l'Information       Internet: MLALONDE_at_CTI.ULAVAL.CA
Universite Laval
Ste-Foy, Quebec, Canada
G1K 7P4
Received on Wed Aug 04 1993 - 14:57:00 CEST
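
An audit a DBA could run for the exposure discussed in this thread, as an added example that is not part of the original posts: it lists the database links that store a CONNECT TO account and the grantees who can read the dictionary through SELECT ANY TABLE or a direct grant. It assumes an Oracle database with the standard DBA_* dictionary views, a session allowed to query them, and that SYS.LINK$ is the dictionary table the post refers to.

```sql
-- Added example, not from the original thread.

-- 1. Links created with CONNECT TO ... IDENTIFIED BY ...
--    (USERNAME is NULL for links that connect as the current user).
SELECT owner, db_link, username, host, created
FROM   dba_db_links
WHERE  username IS NOT NULL
ORDER  BY owner, db_link;

-- 2. Users and roles granted SELECT ANY TABLE directly.
SELECT grantee, admin_option
FROM   dba_sys_privs
WHERE  privilege = 'SELECT ANY TABLE'
ORDER  BY grantee;

-- 3. Users who inherit SELECT ANY TABLE through a role,
--    including roles granted to other roles.
SELECT DISTINCT rp.grantee
FROM   dba_role_privs rp
WHERE  rp.grantee IN (SELECT username FROM dba_users)
START  WITH rp.granted_role IN (SELECT grantee
                                FROM   dba_sys_privs
                                WHERE  privilege = 'SELECT ANY TABLE')
CONNECT BY PRIOR rp.grantee = rp.granted_role
ORDER  BY rp.grantee;

-- 4. Explicit object grants on the link table itself
--    (assumption: SYS.LINK$ is the table meant in the post).
SELECT grantee, privilege, grantable
FROM   dba_tab_privs
WHERE  owner = 'SYS'
AND    table_name = 'LINK$'
ORDER  BY grantee;
```

Any account that appears in results 2 to 4 while result 1 is non-empty is a candidate for privilege review, and each link in result 1 is a candidate for a dedicated low-privilege remote account.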
