Month: February 2013

Uncategorized

Previous post hidden

TweetShareSharePin0 SharesI have hidden my previous post on the explicit request by Oracle Security Team. If you did read it or have it in your RSS, please do not forward or talk about it online until further notice. I’m not sure it is the right thing to do, but I have promised Oracle to not publish it for now. Please help me keep that promise. TweetShareSharePin0 Shares

DBA

Can table security be circumvented with a view? (Bug for peer review)

TweetShareSharePin0 SharesMy collegue Daniel Ekberg (@dan_ekb) stumbled on a very strange issue the other day. After having tested it in three separate environments and on both 10g and 11g (11.2.0.1 and 11.2.0.2) we have resigned to believing that this may actually be a bug. If it is, it is a LARGE one. Essentially we can perform insert, update, and delete on a table on which we have only been given select rights. Yes, it sounds as if it really wouldn’t […]