Hi, One way to reduce the risk is to not have the database link connect to the schema owning the objects you are trying to reach, but instead connect it to a separate schema that only gets the privileges required to access that required object(s). For the password enabled roles, is this not something that should be done on the db link "start point". eg to protect the views (or packages) in which "table@db_link<mailto:table@db_link>" is used? kind regards, -- Freek D'Hooge Uptime Oracle Database Administrator email: freek.dhooge@xxxxxxxxx<mailto:freek.dhooge@xxxxxxxxx> tel +32(03) 451 23 82 http://www.uptime.be On wo, 2014-01-15 at 17:02 -0400, Juan Carlos Reyes Pacheco wrote: Hello, I think you know If you use database links once you connect the user, you have all the privileges the link has. Even if you reduce to the minimum the privileges the user you use to connect the database links, that privileges are enabled from the beggining. You don't have something like enable role with password in users. I don't know if some one please knows how to avoid the security problem, I supposed Oracle was going to do something but I don't see he's planning to create a solution to make secure the database links. The only solution I had seen is not to use database links. Thank you