Re: how to limit sqlldr ?
Date: Wed, 13 Apr 2005 22:14:14 +0200
Message-ID: <d3juih$3tp$04$1_at_news.t-online.com>
Stefan schrieb:
> ideally you are correct - however, I am hosting an application which
> requires that the application level user have the same username and
> password as the database level user, AND the database level user has to
> have insert/update/delete in order to be able to use the application's
> front end....
> I know it's a horrible design, but that's the way it is....
>
> so the only thing I've been able to think of so far is to create a
> LOGON trigger which kills sessions unless they are made via the
> appropriate client application...
>
> was wondering if there are any other ideas out there...
>
I think your real intention is to restrict the users to do only those
things that are allowed in your application forms, but you haven't
restricted users to use only application credentials (as they are the
same as the database credentials). If I am right in my suggestion, you
can't be sure if you restrict the use of SQL*Loader: every intermediate
user can in 5 minutes write a script (or a small Java program, if you
restrict the use of SQL*Plus) and put all the unwanted SQL in your
database that you can hardly imagine. I would consider using in that
case an application context (a good starting point could be
http://www.oracle.com/technology/tech/windows/wp/Oracle_DB_10g_Security_WP.pdf
). For example, if your application runs on a dedicated server and
your end users have no access to this machine, you can indeed write a
logon trigger that checks the context and then, if the session comes from
one certain IP address (of your appserver; the IP address is not
necessary, you can set any attribute in your context for your application
server), the needed role should be enabled to allow insert/update etc.; all
other IP addresses should provide no permissions for DML, or something
like this.
Unfortunately you cannot kill a session through a logon trigger; in the
worst case, raise an exception, which helps if your end users aren't
DBAs...
Nevertheless, Noel's idea ( if password = 'TIGER' then password := substr(password,2); end if; ) I found really perfect... (I'll try to implement it next week)
Best regards
Maxim
Received on Wed Apr 13 2005 - 22:14:14 CEST
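The logon-trigger check described in the reply above, written out as an added example that is not part of the original thread. It assumes the shared application/database account is named APP_USER and uses 10.0.0.5 as a placeholder for the application server's address; no real role or context names from the thread are involved.

```sql
-- Added example, not from the original thread. Assumed names: APP_USER is the
-- shared application/database account; 10.0.0.5 is a placeholder for the
-- application server's address.
--
-- The session attributes a logon trigger can look at (IP_ADDRESS is the
-- address the listener saw for this connection; it is NULL for a local
-- bequeath connection made on the database host itself):
--   SELECT SYS_CONTEXT('USERENV','SESSION_USER'),
--          SYS_CONTEXT('USERENV','IP_ADDRESS') FROM dual;

CREATE OR REPLACE TRIGGER trg_app_user_logon
AFTER LOGON ON DATABASE
DECLARE
  v_user VARCHAR2(128) := SYS_CONTEXT('USERENV', 'SESSION_USER');
  v_ip   VARCHAR2(64)  := SYS_CONTEXT('USERENV', 'IP_ADDRESS');
BEGIN
  -- Only the shared application account is subject to the check;
  -- administrative and batch accounts connect as usual.
  -- NVL: a NULL address (local connection) is treated as "not the appserver".
  IF v_user = 'APP_USER' AND NVL(v_ip, '-') <> '10.0.0.5' THEN
    -- A logon trigger cannot kill the session, but raising an error here
    -- makes the logon itself fail, so sqlldr / sqlplus / JDBC sessions
    -- started from a workstation with the shared password never get a
    -- usable connection. Users holding ADMINISTER DATABASE TRIGGER
    -- (DBAs) still get in: that is the "if your end users aren't DBAs"
    -- caveat from the reply.
    RAISE_APPLICATION_ERROR(-20001,
      'APP_USER may only connect from the application server');
  END IF;
END;
/
```

The check is only as strong as the network: it assumes end users cannot open a database connection from the application server host or spoof its address, and the failed logons show up in the audit trail (AUDIT SESSION) for monitoring.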