Re: CREATE DATABASE LINK privilege discussion

From: Bill Ferguson <wbfergus_at_gmail.com>
Date: Mon, 31 Oct 2011 06:47:53 -0600
Message-ID: <CADEE6ZOb-waahjaJoCoceGOZ_rwq0Yy1p3sQDs8J6EXvuxDQ=w_at_mail.gmail.com>



Maybe another approach may be this:

Find a few articles, etc., that talk about the database security threats. Find other articles that discuss database links, and specifically how 'some' db links have the id and password associated with them. Because of this, in government work, we are highly discouraged from using them, but if needed, we are still allowed to use them with proper documentation about understanding the security risks, taking responsibility for ensuring periodic password changing (and then of course, any associated code that may break because of the new password, etc.).

Allow it, but make it a pain in the rear end, and get them to sign paperwork (CYA), so if anything negative happens, they have been fully informed and any consequences can be laid directly on them.

--

Received on Mon Oct 31 2011 - 07:47:53 CDT

Original text of this message