Re: Security Question - how do you deal with sensitive information hardcoded in SQL statements

• From: Wolfgang Breitling <breitliw@xxxxxxxxxxxxx>
• To: kennethnaim@xxxxxxxxx
• Date: Mon, 2 May 2011 22:57:16 -0600

It can't depend on the client as cursor_sharing is a database parameter. I have 
not seen what you describe except if cursor_sharing was turned on dynamically 
and the sql hadn't aged out of the shared pool since they were using bind 
variables and were still reused. 

On 2011-05-02, at 3:15 PM, Kenneth Naim wrote:

> I've dealt with many applications that use bind variable improperly mostly
> on 10g and have seen this frequently. I haven't tested it on other versions
> and it possible that it depends on the client doing the binding.
> 

--
//www.freelists.org/webpage/oracle-l

• References:
  • Security Question - how do you deal with sensitive information hardcoded in SQL statements
    • From: Jared Still
  • RE: Security Question - how do you deal with sensitive information hardcoded in SQL statements
    • From: D'Hooge Freek
  • Re: Security Question - how do you deal with sensitive information hardcoded in SQL statements
    • From: David Fitzjarrell
  • RE: Security Question - how do you deal with sensitive information hardcoded in SQL statements
    • From: D'Hooge Freek
  • RE: Security Question - how do you deal with sensitive information hardcoded in SQL statements
    • From: Kenneth Naim

Other related posts:

• » Security Question - how do you deal with sensitive information hardcoded in SQL statements- Jared Still
• » RE: Security Question - how do you deal with sensitive information hardcoded in SQL statements- D'Hooge Freek
• » Re: Security Question - how do you deal with sensitive information hardcoded in SQL statements- David Fitzjarrell
• » Re: Security Question - how do you deal with sensitive information hardcoded in SQL statements- Michael Moore
• » RE: Security Question - how do you deal with sensitive information hardcoded in SQL statements- D'Hooge Freek
• » RE: Security Question - how do you deal with sensitive information hardcoded in SQL statements- Lange, Kevin G
• » Re: Security Question - how do you deal with sensitive information hardcoded in SQL statements- Stephane Faroult
• » RE: Security Question - how do you deal with sensitive information hardcoded in SQL statements- Kenneth Naim
• » RE: Security Question - how do you deal with sensitive information hardcoded in SQL statements- Jorgensen, Finn
• » RE: Security Question - how do you deal with sensitive information hardcoded in SQL statements- Kenneth Naim
• » Re: Security Question - how do you deal with sensitive information hardcoded in SQL statements - Wolfgang Breitling
• » Re: Security Question - how do you deal with sensitive information hardcoded in SQL statements- Jared Still
• » Re: Security Question - how do you deal with sensitive information hardcoded in SQL statements- Niall Litchfield
• » Re: Security Question - how do you deal with sensitive information hardcoded in SQL statements- Michael Wehrle
• » Re: Security Question - how do you deal with sensitive information hardcoded in SQL statements- Pavel
• » Re: Security Question - how do you deal with sensitive information hardcoded in SQL statements- Jared Still
• » Re: Security Question - how do you deal with sensitive information hardcoded in SQL statements- Michael Wehrle
• » Re: Security Question - how do you deal with sensitive information hardcoded in SQL statements- Jared Still
• » Re: Security Question - how do you deal with sensitive information hardcoded in SQL statements- Michael Wehrle

1. Home
2. oracle-l
3. Archive
4. 05-2011

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---