Re: Using DD to Read Data from Oracle Datafiles

• From: Nuno Souto <dbvision@xxxxxxxxxxxx>
• To: "Oracle-L @ freelists.org" <oracle-l@xxxxxxxxxxxxx>
• Date: Fri, 9 Feb 2007 15:12:36 +1100

Quoting rjamya <rjamya@xxxxxxxxx>:

> 
> You can make sure that
> 1. any normal user can't get to the raw (or cooked) datafiles.
> 2. They don't have access to 'dd' command
> 
> in addition to whatever else that you are doing.
> 
> rjamya
> 
> On 2/7/07, Naqi Mirza <naqimirza@xxxxxxxxx> wrote:
> >
> > Thanks Steve, the files will be offline and one of the main purposes of
> > this is to show that data, can be read out of an oracle datafile by a
> > malicious user (sure specifying the count and skip could take some doing
> by
> > a hacker, but its still possible). Even with vpd and label security the
> dba
> > (the insider threat) could still get access to this data. This is one of
> the
> > reasons of pushing the use of TDE at a site - need to check and confirm if
> > this same information is encrypted in the datafiles.
> > Thanks.



Ins't all this precisely what OS restricted shells were created for?
Or has everyone forgotten about them?

-- 
Cheers
Nuno Souto
from windy Sydney
--
//www.freelists.org/webpage/oracle-l

• Follow-Ups:
  • RE: Using DD to Read Data from Oracle Datafiles
    • From: Kevin Closson

• References:
  • Re: Using DD to Read Data from Oracle Datafiles
    • From: Naqi Mirza
  • Re: Using DD to Read Data from Oracle Datafiles
    • From: rjamya

Other related posts:

• » Using DD to Read Data from Oracle Datafiles
• » RE: Using DD to Read Data from Oracle Datafiles
• » Re: Using DD to Read Data from Oracle Datafiles
• » Re: Using DD to Read Data from Oracle Datafiles
• » Re: Using DD to Read Data from Oracle Datafiles
• » Re: Using DD to Read Data from Oracle Datafiles
• » Re: Using DD to Read Data from Oracle Datafiles
• » Re: Using DD to Read Data from Oracle Datafiles
• » Re: Using DD to Read Data from Oracle Datafiles
• » Re: Using DD to Read Data from Oracle Datafiles
• » RE: Using DD to Read Data from Oracle Datafiles
• » RE: Using DD to Read Data from Oracle Datafiles
• » RE: Using DD to Read Data from Oracle Datafiles
• » Re: Using DD to Read Data from Oracle Datafiles
• » Re: Using DD to Read Data from Oracle Datafiles
• » Re: Using DD to Read Data from Oracle Datafiles
• » Re: Using DD to Read Data from Oracle Datafiles
• » Re: Using DD to Read Data from Oracle Datafiles
• » RE: Using DD to Read Data from Oracle Datafiles
• » RE: Using DD to Read Data from Oracle Datafiles
• » RE: Using DD to Read Data from Oracle Datafiles
• » RE: Using DD to Read Data from Oracle Datafiles
• » RE: Using DD to Read Data from Oracle Datafiles
• » Re: Using DD to Read Data from Oracle Datafiles
• » Re: Using DD to Read Data from Oracle Datafiles
• » RE: Using DD to Read Data from Oracle Datafiles
• » RE: Using DD to Read Data from Oracle Datafiles
• » RE: Using DD to Read Data from Oracle Datafiles
• » Re: Using DD to Read Data from Oracle Datafiles
• » RE: Using DD to Read Data from Oracle Datafiles
• » Re: Using DD to Read Data from Oracle Datafiles
• » RE: Using DD to Read Data from Oracle Datafiles
• » RE: Using DD to Read Data from Oracle Datafiles
• » Re: Using DD to Read Data from Oracle Datafiles
• » RE: Using DD to Read Data from Oracle Datafiles
• » Re: Using DD to Read Data from Oracle Datafiles
• » RE: Using DD to Read Data from Oracle Datafiles
• » Re: Using DD to Read Data from Oracle Datafiles
• » Re: Using DD to Read Data from Oracle Datafiles
• » Re: Using DD to Read Data from Oracle Datafiles

1. Home
2. oracle-l
3. Archive
4. 02-2007

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---