Three Tier Oracle Security in London ~ Paul M. Wright

(nix, oracle, java, www, cloud ) intersect (safety, security, reliability, integrity)

Three Tier Oracle Security in London ~ Paul M. Wright RSS Feed

Archive for August, 2009


Question: Why escalate to SYSDBA when one can shortcut directly to OSDBA? JAVA_ADMIN is a role in the Oracle DB which is granted to application accounts which wish to take advantage of Java integration. Given the recent US Anti-Trust go-ahead for the Oracle and Sun deal, this is likely to be an increasing phenomena. –Interestingly [...]

VPD vite

A lot of folks think that implementing VPD has to be complex and time consuming. This is not the case. VPD can be used to implement a DENY on a table very quickly indeed. For example, in order to stop a person selecting a table just need to create the function which adds a predicate [...]

Post July 2009 CPU

July 2009 CPU PoCs are out in force. The CPU’s criticality is measured via the CVSS number which is from 1 to 10 being the most critical. This CPU has a vulnerability of 9 as the maximum criticality bug that has been fixed for the DB. However that is only on Windows. For *nix the [...]