I have used Dul many times at customer sites when I was employed by Oracle Denmark.
Every time the customer management had to verify by phone and fax that they understood
the full impact of using Dul.
Oracle have disclaimer that explains the problems with missing transaction consistency of the
data saved by Dul and the security issues.
The customer has to sign and fax the disclaimer back to Oracle before we came on site .-)
After I left Oracle several people ask me if would write a Dul and I declined.
I'm of the opinion that Dul should stay behind the Oracle firewall.
/peter
Pete Finnigan wrote:
Hi Mark
I agree with you Mark, even if its supplied by Oracle technicians - it
is as you say possible to by-pass security completely. Does anyone in
Oracle check that the field support personnel dispatched to a site ( in
urgency ) are dumping data for the owner of it? -
I covered the issue of DUL with regards to security is the SANS Oracle security step-by-step book - action 6.5.1
kind regards
Pete
In article <[EMAIL PROTECTED]>, Mark Leith
<[EMAIL PROTECTED]> writes
One problem I see with giving this away "free" is that you will be supplying a tool that allows you to extract data from the database, bypassing all inbuilt security. A BIG "no no". I suppose that also applies to this kind of tool even under a paid license structure.
-- Peter Gram, Miracle A/S Phone : +45 2527 7107, Fax : +45 4466 8856, Home +45 3874 5696 mail : [EMAIL PROTECTED] - http://MiracleAS.dk
Upcoming events: DatabaseForum 2003, Lalandia 2-4 October Visit http://miracleas.dk/events/DBF2003/invitation.html
Miracle Master Class with Tom Kyte, 12-14 January 2004
smime.p7s
Description: S/MIME cryptographic signature
