{"id":1349,"date":"2016-02-22T22:54:43","date_gmt":"2016-02-22T20:54:43","guid":{"rendered":"http:\/\/www.ora-solutions.net\/web\/?p=1349"},"modified":"2016-02-22T22:54:43","modified_gmt":"2016-02-22T20:54:43","slug":"awr-warehouse-security-issue","status":"publish","type":"post","link":"https:\/\/www.ora-solutions.net\/web\/2016\/02\/22\/awr-warehouse-security-issue\/","title":{"rendered":"AWR Warehouse &#8211; security issue"},"content":{"rendered":"<p>During implementation of AWR Warehouse, I discovered that AWR warehouse is using temporary staging schemas in the AWR warehouse repository database. These schemas life approximately for the duration of a datapump import job and are then dropped again. Due to the fact that the used password is not compliant with customers password verification function, the jobs failed.<\/p>\n<blockquote><p>v_sql := &#8216; CREATE USER &#8216; || STAGING_SCHEMA || &#8216; IDENTIFIED BY SYS_GUID &#8216; ||<br \/>\n&#8216; DEFAULT TABLESPACE &#8216; || tbsname;<\/p><\/blockquote>\n<p>The staging schemas are created with the password &#8220;SYS_GUID&#8221; in capital lettters. This looks to me like the developer tried to generate a random string as password but instead overlooked that the password is set to fixed string &#8220;SYS_GUID&#8221; instead.<\/p>\n<p>Oracle support has noticed this issue and filed an enhancement request. It is a pity, that this is not filed as a bug, but an enhancement.<\/p>\n<p>Well, I hope this improves in a future version together with dynamic retention and purging options as well as customizable staging directories.<\/p>\n<p>Happy AWR\u00b4ing.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>During implementation of AWR Warehouse, I discovered that AWR warehouse is using temporary staging schemas in the AWR warehouse repository database. These schemas life approximately for the duration of a datapump import job and are then dropped again. Due to the fact that the used password is not compliant with customers password verification function, the [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"footnotes":""},"categories":[58,5,6],"tags":[],"class_list":["post-1349","post","type-post","status-publish","format-standard","hentry","category-12c","category-oracle-database","category-oracle-enterprise-manager"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/www.ora-solutions.net\/web\/wp-json\/wp\/v2\/posts\/1349","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.ora-solutions.net\/web\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.ora-solutions.net\/web\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.ora-solutions.net\/web\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.ora-solutions.net\/web\/wp-json\/wp\/v2\/comments?post=1349"}],"version-history":[{"count":1,"href":"https:\/\/www.ora-solutions.net\/web\/wp-json\/wp\/v2\/posts\/1349\/revisions"}],"predecessor-version":[{"id":1350,"href":"https:\/\/www.ora-solutions.net\/web\/wp-json\/wp\/v2\/posts\/1349\/revisions\/1350"}],"wp:attachment":[{"href":"https:\/\/www.ora-solutions.net\/web\/wp-json\/wp\/v2\/media?parent=1349"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.ora-solutions.net\/web\/wp-json\/wp\/v2\/categories?post=1349"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.ora-solutions.net\/web\/wp-json\/wp\/v2\/tags?post=1349"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}