Re: Client's access to Oracle's passwords

From: David Fitzjarrell <oratune_at_aol.com>
Date: Wed, 01 Nov 2000 19:59:42 GMT
Message-ID: <8tpsn9$fkj$1_at_nnrp1.deja.com>

In our last gripping episode yf110_at_vtn1.victoria.tc.ca (Malcolm Dew- wrote:
> Roger Crowley (villagefox_at_my-deja.com) wrote:
> (..snip...)
> : catch it in cleartext on the server side. Of course, there are often
> : lots of passwords in cleartext in the view, all_db_links (if you
have
> : encoded a login userid/password in the link). I don't know about
>
> you should put links into USER_DB_LINKS for each user that needs
them.
>
> Only the user can see the contents of the user_db_links table (the DBA
> cannot see the contents of each user_db_link).
>

Interesting... so if I have 300 users, who all need access to the same remote system, I should go through, as each user, and create a private database link to the remote system so that no one but that user could see the password?

One can always create a public database link, without specifying a user/password, to connect to the remote system presuming, of course, that the user account creating the link exists on the remote system:

create public database link <>
using '...';

This eliminates any cleartext passwords in the user_db_links table.

--
David Fitzjarrell
Oracle Certified DBA


Sent via Deja.com http://www.deja.com/
Before you buy.

Received on Wed Nov 01 2000 - 20:59:42 CET

This message: [ Message body ]
Next message: Martin: "Linking SQL Server and Oracle"
Previous message: pasarkar_at_my-deja.com: "Re: Lite - svrmgrl and space management"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ]

Original text of this message