Call: +44 (0)1904 557620 Call

Pete Finnigan's Oracle Security Weblog

This is the weblog for Pete Finnigan. Pete works in the area of Oracle security and he specialises in auditing Oracle databases for security issues. This weblog is aimed squarely at those interested in the security of their Oracle databases.

[Previous entry: "One more point on Oracle password crackers"] [Next entry: "Direct Grants, DBA, Invoker rights and definer rights"]

Back from Prague and a new paper on explicit grants and roles

I have not been able to blog for the last couple of days as I have been in Prague teaching my companies two day class "How to perform a security audit of an Oracle database" which went really well; there was some great people at the class and also some great discussions during the training and also spilling into the lunches and coffee breaks. I noted down two specific things that were really interesting discussions and will talk about them here in the next couple of days. One is around permissions and the other around the state of Oracle security across the industry.

I have also been writing a paper on the plane out and back to Prague about external access but instead of putting it out as a paper I may make it a multi-part blog instead next week.

Finally I saw today that james Koopmann has put out a new Oracle security related article titled "Explicit GRANTs and ROLES in Oracle Database 11g" which is nice as it highlights some basic issues that should be recognised.