Environment: DB1: RH 8.0 with Oracle EE 9.2.0.4
DB2: Win2k SP3 with Oracle EE 9.2.0.1 SYSTEM user on each database initially have different passwords. It goes something like this: DB1: select password from dba_users where username = 'SYSTEM'; Let's say the result is 'AC424SDK4398' DB2: Logon to DB2 as SYSTEM. alter user SYSTEM identified by values 'AC424SDK4398'; create database link systemlink using 'DB1'; Logout, and log back on to DB2 as SYSTEM. select count(*) from [EMAIL PROTECTED]; Works for me in this environment. DB2 is compromised. HTH Jared On Mon, 2003-12-22 at 08:29, Yong Huang wrote: > Hi, Gregory, > > I only have access to Oracle 9.2 on my laptop. Here's my test. I have ORCL and > AUX1 databases, the latter created by RMAN DUPLICATE some time ago. I logon > AUX1 as SYSTEM. Set SYSTEM password hash value to the same as in ORCL. Create > link L to ORCL without password. Selecting from a table in ORCL @L (i.e. select > * from [EMAIL PROTECTED]) throws ORA-1017 invalid username/password. > > Alternatively, I logon as SYS and create a procedure owned by SYSTEM, with one > line execute imediate('select count(*) from [EMAIL PROTECTED]'). When I execute > system.<this procedure> as SYS, I get ORA-1005 null password given. (I could > use DBMS_SYS_SQL but using the execute immediate trick obviates the need to > remember the syntax in that undocumented package). > > If I use connect to current_user to create the link, I always get ORA-28030 > Server encountered problems accessing LDAP directory service. > > Could you try on your databases and show how you do it? As I said, this may be > a security problem. I'm just too ignorant of it and can't reproduce it for now. > > Yong Huang > > Norris, Gregory T [ITS] wrote: > > There's no reason I can see that he couldn't create the dblink first, and then > reset the password using the encrypted value. Alternately, the dblink could be > > created using the DBMS_SYS_SQL package... no knowledge of the current password > required. > > create database link foo > connect to current_user > using 'bar'; > > __________________________________ > Do you Yahoo!? > New Yahoo! Photos - easier uploading and sharing. > http://photos.yahoo.com/ > -- > Please see the official ORACLE-L FAQ: http://www.orafaq.net > -- > Author: Yong Huang > INET: [EMAIL PROTECTED] > > Fat City Network Services -- 858-538-5051 http://www.fatcity.com > San Diego, California -- Mailing list and web hosting services > --------------------------------------------------------------------- > To REMOVE yourself from this mailing list, send an E-Mail message > to: [EMAIL PROTECTED] (note EXACT spelling of 'ListGuru') and in > the message BODY, include a line containing: UNSUB ORACLE-L > (or the name of mailing list you want to be removed from). You may > also send the HELP command for other information (like subscribing). > -- Please see the official ORACLE-L FAQ: http://www.orafaq.net -- Author: Jared Still INET: [EMAIL PROTECTED] Fat City Network Services -- 858-538-5051 http://www.fatcity.com San Diego, California -- Mailing list and web hosting services --------------------------------------------------------------------- To REMOVE yourself from this mailing list, send an E-Mail message to: [EMAIL PROTECTED] (note EXACT spelling of 'ListGuru') and in the message BODY, include a line containing: UNSUB ORACLE-L (or the name of mailing list you want to be removed from). You may also send the HELP command for other information (like subscribing).