Secure passwords in scripts

TweetShareSharePin0 SharesWe have all – I hope – started using a password manager for the gazillion passwords we all have for miscellaneous websites and systems we access. My preference is 1Password and that is what I will show in this blog. When using it with a website it works very nice, you just select the saved login and it fills it in and you get logged in with the super complex password you have for that site. For logging into […]

Security, SQL

Quicktip: Don’t grant access to a synonym

TweetShareSharePin0 SharesI’ve seen this in a few places lately. When I ask the database guys there about it, they think this DDL would never work or “it does nothing but does not return an error”. Here is an example, All of the following is performed by a DBA user. We create a table, let’s call it TB. It is owned by user A. User B is granted select privilege to A.TB. A synonym is created for user B pointing to A.TB, let’s call […]

Bug, DBA, Oracle, Security

Is your database secure? Are you sure? Are you *really* sure?

TweetShareSharePin0 SharesA friend and at the time co-worker at Kentor AB found this bug. He found the bug and had the tenacity to track down and prove that it was a bug and not just a flaw in the logging mechanism where this first was indicated to occur. Today is the day when I can finally speak about a bug I asked for a peer review on over a year ago. I had to pull that blog post offline when […]