While researching a security concern, I discovered that users are able to query a remote database without the need of a dblink.
However, this was only true for databases that had no value for DB_DOMAIN. If the local database's DB_DOMAIN was qualified with "foo.com", then a user could not query the remote DB and required a dblink.
I could not find any documentation that explains why this happens and am a very new DBA. What is it about Oracle that allows this to happen? Is the only way to prevent this to qualify every database's DB_DOMAIN with "foo.com"?
Example of accessing information from remote DB without a dblink below:
From DB: FooB
SQL*Plus: Release 10.2.0.5.0 - Production on Thu Feb 26 16:05:21 2015
Copyright (c) 1982, 2010, Oracle. All Rights Reserved.
Connected to:
Oracle Database 11g Enterprise Edition Release 11.2.0.3.0 - 64bit Production
With the Partitioning, OLAP, Data Mining and Real Application Testing options
SQL> show parameter db_domain;
NAME TYPE VALUE
------------------------------------ ----------- ------------------------------
db_domain string
From DB:FooA
SQL*Plus: Release 10.2.0.5.0 - Production on Thu Feb 26 16:08:25 2015
Copyright (c) 1982, 2010, Oracle. All Rights Reserved.
Connected to:
Oracle Database 11g Enterprise Edition Release 11.2.0.3.0 - 64bit Production
With the Partitioning, OLAP, Data Mining and Real Application Testing options
SQL> show parameter db_domain;
NAME TYPE VALUE
------------------------------------ ----------- -----------------------------
db_domain string
SQL> select sysdate from dual@FooB;
SYSDATE
---------
26-FEB-15
SQL> select db_link from all_db_links;
no rows selected
Aucun commentaire:
Enregistrer un commentaire