Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

Secure Oracle Database link method

Posted on 2008-06-17
1
Medium Priority
?
580 Views
Last Modified: 2013-12-19
I need the syntax for a Oracle Database link that offers the best security if a user needs to link to our database. We would like to be able to control the passwords and the user of the link shouldn't know the passwords of the link or  be able to get into our remote system if they ever got into our building and had access to our PC's
0
Comment
Question by:7Souls
1 Comment
 
LVL 74

Accepted Solution

by:
sdstuber earned 1500 total points
ID: 21807395
it's not so much the link itself then as the user that will log into the database to use the link.
If they user can read sys.link$ then he/she can read the passwords.


Similarly, if the account on the remote system has extra privileges then don't let the user use that link at all.


the best way I know of is to create an unauthenticated link.


CREATE DATABASE LINK my_link  USING 'mydatabase';

this creates a private link, so it's only usable to the owner if the user you're interested in isn't the owner, then he/she can't use it.

if you want them to use it, then create it public, or create it under that user's schema.


With a database link like that,  you see it has no user or password.  In that case.  when you use the link  the current users' username and password are sent to the remote system.  So  the user logs in as themself and only as themself.   So they have only the permissions they have if they were to log in to the remote system directly.  If that's no permissions at all, then the link won't work for them.






0

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Configuring and using Oracle Database Gateway for ODBC Introduction First, a brief summary of what a Database Gateway is.  A Gateway is a set of driver agents and configurations that allow an Oracle database to communicate with other platforms…
Checking the Alert Log in AWS RDS Oracle can be a pain through their user interface.  I made a script to download the Alert Log, look for errors, and email me the trace files.  In this article I'll describe what I did and share my script.
This video shows, step by step, how to configure Oracle Heterogeneous Services via the Generic Gateway Agent in order to make a connection from an Oracle session and access a remote SQL Server database table.
This videos aims to give the viewer a basic demonstration of how a user can query current session information by using the SYS_CONTEXT function
Suggested Courses
Course of the Month13 days, 16 hours left to enroll

581 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question