Comments on: SYSDBA Specific Privileges http://www.oracleforensics.com/wordpress/index.php/2008/09/16/sysdba-specific-privileges/ ORACLE SECURITY AND COMPUTER FORENSICS Thu, 29 Apr 2010 14:20:52 +0000 http://wordpress.org/?v=2.9.2 hourly 1 By: Paul Wright http://www.oracleforensics.com/wordpress/index.php/2008/09/16/sysdba-specific-privileges/#comment-25 Paul Wright Sun, 21 Sep 2008 17:19:58 +0000 http://www.oracleforensics.com/wordpress/?p=89#comment-25 Hello Sven, That's interesting thanks for the extra information. I also had this classic bug in mind with regards to the difference between SYSDBA and DBA. http://blog.tanelpoder.com/2007/11/10/oracle-security-all-your-dbas-are-sysdbas-and-can-have-full-os-access/ Of course an extra "privilege" between the SYSDBA and DBA is the privilege to logon withouth checking the password in SYS.USER$. See my new posting for a few gotchas connected to this fact. Hello Sven,
That’s interesting thanks for the extra information.
I also had this classic bug in mind with regards to the difference between SYSDBA and DBA.
http://blog.tanelpoder.com/2007/11/10/oracle-security-all-your-dbas-are-sysdbas-and-can-have-full-os-access/
Of course an extra “privilege” between the SYSDBA and DBA is the privilege to logon withouth checking the password in SYS.USER$. See my new posting for a few gotchas connected to this fact.

]]> By: SvenVetter http://www.oracleforensics.com/wordpress/index.php/2008/09/16/sysdba-specific-privileges/#comment-24 SvenVetter Tue, 16 Sep 2008 21:49:41 +0000 http://www.oracleforensics.com/wordpress/?p=89#comment-24 Hi Paul With Oracle 11g exists a new feature called "Fine-Grained Access for Network callouts". This controls the usage of 5 packages: - utl_tcp - utl_smtp - utl_mail - utl_http - utl_inaddr A nice feature ;-) but you have to install XDB :-( Without XDB only a sysdba can use this packages. Greetings Sven Hi Paul

With Oracle 11g exists a new feature called “Fine-Grained Access for Network callouts”. This controls the usage of 5 packages:
- utl_tcp
- utl_smtp
- utl_mail
- utl_http
- utl_inaddr

A nice feature ;-) but you have to install XDB :-(

Without XDB only a sysdba can use this packages.

Greetings
Sven

]]>