Skip to content
pvmehta.com

pvmehta.com

  • Home
  • About Me
  • Toggle search form
  • get_vmstat_linux Oracle
  • Search and replace editor command in vi Linux/Unix
  • Important Solaris Commands Linux/Unix
  • Rownum with Order by Oracle
  • findx.sql /* Find Indexes on specified USER.TABLE_NAME */ Oracle
  • rm_backup_arch_file.ksh Linux/Unix
  • Oracle Data Direct to TAPE Oracle
  • How to remove blank lines using vi editor command Linux/Unix
  • 284785.1 How to check RAC Option is currently linked into the Oracle Binary Oracle
  • Difference between SYNC and AFFIRM Oracle
  • Does DBMS_JOB recompute the NEXT_DATE interval after or before Oracle
  • Virtual Indexes in Oracle Oracle
  • Free conference number from http://www.freeconference.com Oracle
  • Linux CPU info. Linux/Unix
  • oracle tips… from http://www.bijoos.com/oracle/douknow.htm Oracle

Database link password in user_db_links

Posted on 09-Dec-2009 By Admin No Comments on Database link password in user_db_links

Problem Description:

~~~~~~~~~~~~~~~~~~~~

Database link passwords are stored as plaintext. A database link is a mechanism

used to provide a method of transparently accessing one server from another.

When creating a database link, a user name and password of the account on the remote

server can be specified. Creating the database link without credentials works

only if the user exists on both databases and has the same password.

Once this is done, all queries using the link have the privilege of the

indicated account on the remote server. By omitting an account and password when

creating a database link, the account and password of the user connecting

through the link is used. Indicating the username and password of an account to

use for all connections through a link can lead to passwords being exposed.

Database link passwords until recently (version 10gR1) were stored unencrypted in

the database. Users with SELECT privilege on the SYS.LINK$ table could view the

passwords in plain text. Setting up links to authenticate as the current user

prevents unencrypted passwords from being exposed, prevents linked servers from

being compromised, and provides increased accountability.

Oracle accounts were found with permission to view the table SYS.LINK$. Access

to view the table SYS.LINK$ should be restricted because database link passwords

are stored unencrypted in this table.

Possible Symptoms:

~~~~~~~~~~~~~~~~~~

If you have SELECT ANY TABLE privilege on a database, you can see the password

of the user that can belong to a remote or local database(s) in the SYS.LINK$ table

and using this password, you can connect these remote or local databases at will.

We rely on sys to protect link$. If customers don’t trust a DBA, there are many

things the DBA can do that make any encryption attempt useless.

Important change in the SELECT ANY DICTIONARY system privilege

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

In Oracle release 10gR1, the access to SYS.LINK$ was removed from the

SELECT ANY DICTIONARY system privilege (hence the ORA-1031 error), while this

still doesn’t solve the general problem: tools such as Oracle Enterprise Manager

that depend on SELECT ANY DICTIONARY to be available can be deployed without

access to SYS.LINK$.

Workarounds:

~~~~~~~~~~~~

There are no workarounds to protect against this potential vulnerability but

it is possible to use this:

-> Drop the database link and create a link without specifying an account and

passwords.

To drop a database link, execute the command:

SQL> drop database link ;

To re-create a link without hard coding the password, execute the command:

SQL> create database link using ;

-> To revoke permissions from the account or role, execute the following

command:

SQL> revoke select on SYS.LINK$ from ;

Patches:

~~~~~~~~

Currently there is not a patched Installer available to deal with this problem.

One of the workarounds listed above must be used.

It is no more the case under version 10g Release 2 (10.2.0.x), the LINK$ table

now contains a new column PASSWORDX that contains the encrypted database link

password. Details of the encryption scheme will not be disclosed for obvious reasons.

Oracle, SQL scripts

Post navigation

Previous Post: find_err.sql for finding errors from dba_errors.
Next Post: Find_table_size.sql

Related Posts

  • sess1.sql Oracle
  • V$ROLLSTAT status is Full Oracle
  • Vivek Tuning for Row Locks. Oracle
  • Find_stale_dr.sql finding stale physical DR.. Oracle
  • Create type and Grant on it. Oracle
  • All About oracle password and security from metalink Oracle

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Categories

  • AWS (2)
  • Azure (1)
  • Linux/Unix (149)
  • Oracle (388)
  • PHP/MYSQL/Wordpress (10)
  • Power-BI (0)
  • Python/PySpark (7)
  • RAC (17)
  • rman-dataguard (26)
  • shell (149)
  • SQL scripts (337)
  • Uncategorized (0)
  • Videos (0)

Recent Posts

  • findinfo.sql (SQL for getting CPU and Active session info)27-May-2025
  • SQL Tracker by SID sqltrackerbysid.sql22-Apr-2025
  • How to connect to Oracle Database with Wallet with Python.21-Mar-2025
  • JSON/XML Types in Oracle18-Mar-2025
  • CPU Core related projections12-Mar-2025
  • Exadata Basics10-Dec-2024
  • Reading config file from other folder inside class24-Sep-2024
  • Python class import from different folders22-Sep-2024
  • Transfer SQL Profiles from One database to other database.05-Sep-2024
  • Load testing on Oracle 19C RAC with HammerDB18-Jan-2024

Archives

  • 2025
  • 2024
  • 2023
  • 2010
  • 2009
  • 2008
  • 2007
  • 2006
  • 2005
  • Create type and Grant on it. Oracle
  • temp_use.sql diplays usage of temp ts Oracle
  • S3 Basic info AWS
  • Goldengate Tutorial Oracle
  • How does one SELECT a value from a table into a Unix variable? From SQL to Shell Linux/Unix
  • Find all users who have DML privileges Oracle
  • Oracle 11g RAC on OEL 5 and Vmware 2 Oracle
  • Find All internal Parameters Oracle

Copyright © 2025 pvmehta.com.

Powered by PressBook News WordPress theme