Re: DBMS_JOB.remove
Yeah, I know it needs those two privileges, so SYS,SYSTEM... can
remove other people's jobs. (In fact, with the help of another
undocumented package, even EXECUTE ANY PROCEDURE alone may allow
anybody to remove others' jobs, as one of the experts well known here
explained).
That security hole may not be counted as a bug because of fundamental design. Oracle does things differently than an OS in the sense that an Oracle user executes somebody else's code assuming the owner's identity by default, while on any OS a user executes somebody else's code with his own privilege by default. That's why on UNIX, setuid scripts or even binary programs are often frowned upon by security-sensitive people.
Yong Huang
Norman Dunbar <Norman.Dunbar_at_lfs.co.uk> wrote in message news:<E2F6A70FE45242488C865C3BC1245DA7034B7090_at_lnewton.leeds.lfs.co.uk>...
> Morning Yong,
>
> that will only work if the user has CREATE_ANY_PROCEDURE and
> EXECUTE_ANY_PROCEDURE granted. I know this because it is a major
> security hole in a package we have here - for which I've raised a
> serious bug and so far nothing has been fixed.
>
> Cheers,
> Norman.
>
> -------------------------------------
> Norman Dunbar
> Database/Unix administrator
> Lynx Financial Systems Ltd.
> mailto:Norman.Dunbar_at_LFS.co.uk
> Tel: 0113 289 6265
> Fax: 0113 289 3146
> URL: http://www.Lynx-FS.com
> -------------------------------------
>
>
> -----Original Message-----
> From: yong321_at_yahoo.com (Yong Huang) [mailto:yong321_at_yahoo.com]
> Posted At: Tuesday, February 11, 2003 11:55 PM
> Posted To: server
> Conversation: DBMS_JOB.remove
> Subject: Re: DBMS_JOB.remove
>
>
> Equally "not supposed to" is create procedure thatuser.tmp as begin
> execute immediate 'begin dbms_job.remove(thatjob#); end;'.
>
> Yong Huang
Received on Wed Feb 12 2003 - 09:00:56 CST
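An added audit query, not part of the original posts: it lists which accounts hold the two privileges discussed in this thread (written here under their system privilege names, CREATE ANY PROCEDURE and EXECUTE ANY PROCEDURE), whether granted directly, through nested roles, or through PUBLIC. It assumes read access to the DBA_* dictionary views and a release that supports CONNECT_BY_ROOT.

```sql
-- Added example: who can create or execute procedures in other schemas?
-- Accounts with either privilege are listed; the two columns show the
-- grantee (the user itself, a role, or PUBLIC) through which it is held.
WITH reachable AS (
    -- every user paired with itself ...
    SELECT username AS usr, username AS holder
    FROM   dba_users
    UNION
    -- ... with PUBLIC, whose grants apply to every user ...
    SELECT username, 'PUBLIC'
    FROM   dba_users
    UNION
    -- ... and with every role it holds, directly or via role-to-role grants
    SELECT CONNECT_BY_ROOT grantee, granted_role
    FROM   dba_role_privs
    START  WITH grantee IN (SELECT username FROM dba_users)
    CONNECT BY PRIOR granted_role = grantee
)
SELECT r.usr,
       MAX(CASE WHEN p.privilege = 'CREATE ANY PROCEDURE'
                THEN r.holder END) AS create_any_via,
       MAX(CASE WHEN p.privilege = 'EXECUTE ANY PROCEDURE'
                THEN r.holder END) AS execute_any_via,
       COUNT(DISTINCT p.privilege)  AS privs_held
FROM   reachable r
JOIN   dba_sys_privs p
       ON p.grantee = r.holder
WHERE  p.privilege IN ('CREATE ANY PROCEDURE', 'EXECUTE ANY PROCEDURE')
GROUP  BY r.usr
ORDER  BY privs_held DESC, r.usr;
```

Rows with privs_held = 2 are the accounts that meet the condition Norman describes; rows with only execute_any_via filled are the ones relevant to Yong's remark about EXECUTE ANY PROCEDURE alone.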