Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Mailing Lists -> Oracle-L -> RE: DBLINKs in critical production system

RE: DBLINKs in critical production system

From: Thotangare, Ajay \(GTI\) <Ajay_Thotangare_at_ml.com>
Date: Mon, 30 Apr 2007 12:07:13 -0400
Message-ID: <C8C1CE9973039245BF52C0FC3DF02F60C5C65C@MLNYA222MB.amrs.win.ml.com> 





Till 9i I see Sys.Link$ has clear text password but not in 10gR2. Can I
consider that security hole is patched in 10gR2?10gR1 I haven't checked.
( Leaving aside the performance hit problem)

 






From: JApplewhite_at_austinisd.org [mailto:JApplewhite_at_austinisd.org] 
Sent: Monday, April 30, 2007 11:55 AM


To: Thotangare, Ajay (GTI)


Cc: oracle-l_at_freelists.org; oracle-l-bounce_at_freelists.org
Subject: Re: DBLINKs in critical production system

 




Ajay, 



Depends (as usual).  If the DB Links are FROM the Prod system TO others
and you're careful about which User you connect to on the other end,
then you're probably OK, though others might have issues.  You've got to
be very careful about DB Links from other databases TO Prod.  Those can
become "back doors" to get at your Prod data. 



Also, up through 9i the Password column in the Sys.Link$ table was in
plain text - not in my 10.2 database, though.  Anyone with Select Any
Dictionary priv could see the passwords.  Obviously, a gaping security
hole to make sure you plug. 



DB Links can also be a performance bottleneck if you're dragging lots of
data from other databases back to Prod across a LAN/WAN.  If the other
database(s) is(are) on the same server as Prod, then having the DB Links
use IPC greatly reduces the performance hit. 



DB Links can be useful, even in Prod, but require great care in
implementation, IMHO. 



Jack C. Applewhite - Database Administrator
Austin (Texas) Independent School District
512.414.9715 (wk)  /  512.935.5929 (pager)



Same-Day Stump Grinding!  Senior Discounts!





"Thotangare, Ajay \(GTI\)" <Ajay_Thotangare_at_ml.com> 
Sent by: oracle-l-bounce_at_freelists.org 



04/30/2007 10:32 AM 



Please respond to


Ajay_Thotangare_at_ml.com



To



<oracle-l_at_freelists.org> 



cc

 



Subject



DBLINKs in critical production system

 

 

 






Hi Group, 



I have a question about dblink. I always hear that 






Can anybody please let me know the reason for such comments on dblinks. 



regards, 



Ajay





If you are not an intended recipient of this e-mail, please notify the sender, delete it and do not read, act upon, print, disclose, copy, retain or redistribute it. Click here for important additional terms relating to this e-mail.     http://www.ml.com/email_terms/




--
http://www.freelists.org/webpage/oracle-l


Received on Mon Apr 30 2007 - 11:07:13 CDT












Original text of this message













  HOME |
  ASK QUESTION |
  ADD INFO |
  SEARCH |
  E-MAIL US