Oracle FAQ | Your Portal to the Oracle Knowledge Grid |
Home -> Community -> Mailing Lists -> Oracle-L -> RE: Oracle 10
> DENNIS WILLIAMS
> Sent: 05 May 2003 16:52
> To: Multiple recipients of list ORACLE-L
> Subject: RE: Oracle 10
>
>
> I'm sure Oracle is trying to convince potential customers
> that they have better security than Microsoft. If you are a
> CIO who has been plagued with Microsoft vulnerabilities,
> these features may sound really good. For those of us who
> haven't been plagued with security vulnerabilities, these
> don't look so appealing.
I'd agree. Except that the 'cross-join vulnerability' that came out at the same time as the 'unbreakable' marketing campaign still scares me. Net result is you buy a product because an x million dollar marketing campaign says that its 'unbreakable'. As it turns out anyone with 'CREATE SESSION' privilege can see whatever data they like and anyone with 'CREATE SESSION' and 'CREATE VIEW' can modify whatever data they like. Only in the 'unbreakable' version obviously.
And I wonder how many folk still have 9.0.1 (and indeed have products that are only certified for that version).
> Hopefully we can turn off some of
> these features and provide a rational explanation to the
> management chain.
Automatic download of patches would be a good thing in my book, automatic application a disaster.
Niall
-- Please see the official ORACLE-L FAQ: http://www.orafaq.net -- Author: Niall Litchfield INET: niall.litchfield_at_dial.pipex.com Fat City Network Services -- 858-538-5051 http://www.fatcity.com San Diego, California -- Mailing list and web hosting services --------------------------------------------------------------------- To REMOVE yourself from this mailing list, send an E-Mail message to: ListGuru_at_fatcity.com (note EXACT spelling of 'ListGuru') and in the message BODY, include a line containing: UNSUB ORACLE-L (or the name of mailing list you want to be removed from). You may also send the HELP command for other information (like subscribing).Received on Tue May 06 2003 - 16:56:53 CDT