?
Solved

DBA_DB_LINKS  internal or external

Posted on 2014-02-11
7
Medium Priority
?
383 Views
Last Modified: 2014-02-11
if our database has an entry to another database in DBA_DB_LINKS , does that mean an account in our database can access this remote database (i.e. extract data from or insert data into), or that this remote database can access/insert data into our database?
0
Comment
Question by:pma111
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
7 Comments
 
LVL 35

Accepted Solution

by:
johnsone earned 2000 total points
ID: 39849896
If it is in the local database that means you can connect to the remote database.  In order for the remote database to connect to your local database, that database needs a link too.

As far as what you can do in the database that is the object of the link, that is controlled by standard privileges of the user you are connecting to in the remote database.
0
 
LVL 3

Author Comment

by:pma111
ID: 39849934
is there anyway to determine which remote databases are connecting to your database? i.e. extracting from or inserting into your database, from their own database? and under what account the connection is made?
0
 
LVL 35

Expert Comment

by:johnsone
ID: 39849973
The account information is stored as part of the link.  That should be in DBA_DB_LINKS.  As far as what they are doing, I believe the only way to determine that is by turning on auditing.  To the database that is being connected to, it looks just like any other connection.
0
Veeam Disaster Recovery in Microsoft Azure

Veeam PN for Microsoft Azure is a FREE solution designed to simplify and automate the setup of a DR site in Microsoft Azure using lightweight software-defined networking. It reduces the complexity of VPN deployments and is designed for businesses of ALL sizes.

 
LVL 3

Author Comment

by:pma111
ID: 39850066
im a little lost (happens easily), but in dba_db_links I should see both inbound and outbound links,

i.e. our db has access to remote database XYZ
and vice versa,
i..e external DB can access our DB using account XYZ

does this view contain credentials as well, i.e. if our db can access external db, persumably there is a password involved (for an account in their db), so where is that stored?
0
 
LVL 35

Expert Comment

by:johnsone
ID: 39850153
DBA_DB_LINKS is outbound links only.  There are no inbound links in DBA_DB_LINKS.  Really a database link is just a holder for a connection string that tells Oracle how to get to the database on the other side of the link.  There is no need for inbound links, they just come through as a normal connection.

If you look at the HOST and USER columns in DBA_DB_LINKS, that is the connect information for the outbound link.  HOST refers to the tnsnames entry that points to the database and USER is the user that is connected to.

In your example, external DB can access our DB using account XYZ, the database link for this would be in the external database and there is no link in the local database to support this.  Access is controlled through the XYZ account that is in the local database.  The link has the same privileges as the user XYZ in the local database.  If there is no link in the external database, then there cannot be a connection made through a link to the local database.
0
 
LVL 3

Author Comment

by:pma111
ID: 39850165
ok thanks, but theres no obvious way within your database to determine which external databases are accessing your database (i.e. updating, extracting or inserting) via a link?
0
 
LVL 35

Expert Comment

by:johnsone
ID: 39850356
If a database link was still open, you could identify the session in V$SESSION by looking at the MACHINE column.  But there is no way to distinguish a link for a standard session that I know of.  As for what the session is doing, some form of auditing would be the only way that you could find that out.

Again, what can be done through the link is controlled by the privileges of the user that is being connected to.  If they are connecting to XYZ user and that user doesn't have privileges to update, then you cannot update over the link.
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Note: this article covers simple compression. Oracle introduced in version 11g release 2 a new feature called Advanced Compression which is not covered here. General principle of Oracle compression Oracle compression is a way of reducing the d…
From implementing a password expiration date, to datatype conversions and file export options, these are some useful settings I've found in Jasper Server.
This video shows, step by step, how to configure Oracle Heterogeneous Services via the Generic Gateway Agent in order to make a connection from an Oracle session and access a remote SQL Server database table.
This video shows information on the Oracle Data Dictionary, starting with the Oracle documentation, explaining the different types of Data Dictionary views available by group and permissions as well as giving examples on how to retrieve data from th…
Suggested Courses

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question