Re: Security Question - how do you deal with sensitive information hardcoded in SQL statements

From: Jared Still <jkstill_at_gmail.com>
Date: Wed, 4 May 2011 11:48:56 -0700
Message-ID: <BANLkTi=Aax+kMaFityf98w_dAiQB_Fr6fQ_at_mail.gmail.com>

On Tue, May 3, 2011 at 11:42 AM, Michael Wehrle <michaelw436_at_gmail.com>wrote:

> Jared, I had this issue (possibly similar) a few years back on a 10.2.0
> database, and Oracle actually provided a patch for it. See my writeup about
> it here
> iamsys.wordpress.com/2010/03/16/how-to-protect-sensitive-bind-data-in-redo-logs/,
> and if you have anymore questions, I will be glad to TRY to remember them,
> as it was a few years ago.
>
>

Thanks Michael.

The test case referenced in your blog is no longer a valid URL. Do you know where to find it now.

Also, the patch number referenced is not even found in MOS, leading me to believe it was a one off patch for you or your customer.

Do you have any more info on where to find this in MOS?

Jared Still
Certifiable Oracle DBA and Part Time Perl Evangelist Oracle Blog: http://jkstill.blogspot.com Home Page: http://jaredstill.com

--
http://www.freelists.org/webpage/oracle-l

Received on Wed May 04 2011 - 13:48:56 CDT

This message: [ Message body ]
Next message: Vit Spinka: "Re: Just as a learning exercise"
Previous message: Grzegorz Goryszewski: "Re: V$GCSPFMASTER_INFO shows only undo segments even if _gc_affinity_time 10"
In reply to: Michael Wehrle: "Re: Security Question - how do you deal with sensitive information hardcoded in SQL statements"
Next in thread: Michael Wehrle: "Re: Security Question - how do you deal with sensitive information hardcoded in SQL statements"
Reply: Michael Wehrle: "Re: Security Question - how do you deal with sensitive information hardcoded in SQL statements"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ]

Original text of this message