Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Usenet -> c.d.o.tools -> Re: Client's access to Oracle's passwords

Re: Client's access to Oracle's passwords

From: David Fitzjarrell <oratune_at_aol.com>
Date: Wed, 01 Nov 2000 19:59:42 GMT
Message-ID: <8tpsn9$fkj$1@nnrp1.deja.com> 






In our last gripping episode yf110_at_vtn1.victoria.tc.ca (Malcolm Dew-
 wrote:


> Roger Crowley (villagefox_at_my-deja.com) wrote:

> (..snip...)

> : catch it in cleartext on the server side. Of course, there are often

> : lots of passwords in cleartext in the view, all_db_links (if you

 have


> : encoded a login userid/password in the link). I don't know about

>

> you should put links into USER_DB_LINKS for each user that needs

 them.


>

> Only the user can see the contents of the user_db_links table (the DBA

> cannot see the contents of each user_db_link).

>




Interesting... so if I have 300 users, who all need access to the same
remote system, I should go through, as each user, and create a private
database link to the remote system so that no one but that user could
see the password?



One can always create a public database link, without specifying a
user/password, to connect to the remote system presuming, of course,
that the user account creating the link exists on the remote system:



create public database link <>


using '...';



This eliminates any cleartext passwords in the user_db_links table.


--
David Fitzjarrell
Oracle Certified DBA


Sent via Deja.com http://www.deja.com/
Before you buy.


Received on Wed Nov 01 2000 - 13:59:42 CST












Original text of this message













  HOME |
  ASK QUESTION |
  ADD INFO |
  SEARCH |
  E-MAIL US