(CONNECT_DATA =
(SID = PLSExtProc)
(PRESENTATION = RO)
)
)
Depending on the operating system and the version of the database, entries may
reference PLSExtProc, extproc, or icache_extproc. All of these refer to the same
external procedure agent for PL/SQL.
As with extended procedures in SQL Server, external procedures in Oracle are a
powerful feature that can also be dangerous. There are cases in which they offer
increased performance or functionality, but you should be fully aware of, and
prepared for, the added complexity and the possible security issues that come
with them.
In terms of complexity, any scheme that involves multiple address spaces with
multiple calling conventions, different variable layouts, and multiple
programming languages is complex and hard to troubleshoot. In terms of security,
the main issue is documented in Oracle Security Alert #29 and concerns a serious
high-risk vulnerability in EXTPROC on Oracle 8i and 9i. The vulnerability rests
on the fact that EXTPROC loads external code without authenticating the caller:
an attacker who can reach the listener can masquerade as the Oracle server
process and have EXTPROC load an arbitrary library and run code from it on the
operating system with the privileges of the Oracle user. Because EXTPROC is
defined and managed through the listener, the attacker can even initiate this
attack over a TCP/IP connection from a remote system.
The simplest fix is to remove EXTPROC from your system altogether; Oracle itself
recommends this. Edit both listener.ora and tnsnames.ora and remove the extproc
entries, then delete the EXTPROC executable from the bin directory of your
Oracle installation. Reload or restart the listener afterwards (for example
with lsnrctl reload) so that it stops accepting extproc requests.
If you have not used EXTPROC yet but are contemplating it, rethink that option.
The security issue is only one problem; the main one is the added complexity.
If you are already using EXTPROC, take the following steps to better secure
your environment:
1. Separate EXTPROC by creating two listeners: one for the networked database
and one for EXTPROC. Do not specify any EXTPROC entries in the main listener
file.
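To check step 1 (and the "remove it entirely" fix above) against an actual
configuration, here is an added Python example; it is not code from the book or
from Oracle. It parses the top-level entries of listener.ora and tnsnames.ora,
flags any listener whose SID_LIST registers the extproc agent while the listener
also has a TCP endpoint or also serves database SIDs, and lists tnsnames aliases
whose CONNECT_DATA still points at extproc. The two listener.ora samples (the
default single-listener layout, and the split layout of step 1) and the
tnsnames.ora sample are constructed for the example; the host name, ORACLE_HOME
path, and listener names in them are assumptions.

```python
# Audit Oracle Net files for EXTPROC exposure. Added example, not the book's or Oracle's
# code; the sample configurations are constructed and their names/paths are assumptions.
import re

EXTPROC_RE = re.compile(r"\b(PLSExtProc|icache_extproc|extproc)\b", re.I)  # extproc agent
PROTOCOL_RE = re.compile(r"\(\s*PROTOCOL\s*=\s*([A-Za-z]+)\s*\)", re.I)
ENTRY_RE = re.compile(r"\s*([A-Za-z0-9_.]+)\s*=\s*(.*)$")  # top-level 'NAME = ...'

VULNERABLE_LISTENER_ORA = """
# Constructed: the default single listener serving the database and extproc.
LISTENER =
  (DESCRIPTION_LIST =
    (DESCRIPTION = (ADDRESS = (PROTOCOL = TCP)(HOST = dbhost.example)(PORT = 1521)))
    (DESCRIPTION = (ADDRESS = (PROTOCOL = IPC)(KEY = EXTPROC0))))
SID_LIST_LISTENER =
  (SID_LIST =
    (SID_DESC = (SID_NAME = PLSExtProc)(ORACLE_HOME = /u01/app/oracle)(PROGRAM = extproc))
    (SID_DESC = (SID_NAME = orcl)(ORACLE_HOME = /u01/app/oracle)))
"""

HARDENED_LISTENER_ORA = """
# Constructed: step 1 applied, extproc only on a second, IPC-only listener.
LISTENER =
  (DESCRIPTION_LIST =
    (DESCRIPTION = (ADDRESS = (PROTOCOL = TCP)(HOST = dbhost.example)(PORT = 1521))))
SID_LIST_LISTENER =
  (SID_LIST = (SID_DESC = (SID_NAME = orcl)(ORACLE_HOME = /u01/app/oracle)))
LISTENER_EXTPROC =
  (DESCRIPTION_LIST = (DESCRIPTION = (ADDRESS = (PROTOCOL = IPC)(KEY = EXTPROC0))))
SID_LIST_LISTENER_EXTPROC =
  (SID_LIST = (SID_DESC = (SID_NAME = PLSExtProc)(ORACLE_HOME = /u01/app/oracle)(PROGRAM = extproc)))
"""

TNSNAMES_ORA = """
# Constructed tnsnames.ora that still carries the default extproc alias.
EXTPROC_CONNECTION_DATA =
  (DESCRIPTION =
    (ADDRESS_LIST = (ADDRESS = (PROTOCOL = IPC)(KEY = EXTPROC0)))
    (CONNECT_DATA = (SID = PLSExtProc)(PRESENTATION = RO)))
ORCL =
  (DESCRIPTION = (ADDRESS = (PROTOCOL = TCP)(HOST = dbhost.example)(PORT = 1521))
    (CONNECT_DATA = (SERVICE_NAME = orcl)))
"""


def parse_entries(text):
    """Split an Oracle Net file into {NAME: body} for its top-level entries."""
    entries, name, body, depth = {}, None, [], 0
    for raw in text.splitlines():
        line = raw.split("#", 1)[0]          # '#' starts a comment
        if not line.strip():
            continue
        m = ENTRY_RE.match(line) if depth == 0 else None
        if m:                                # a new top-level entry begins here
            if name is not None:
                entries[name.upper()] = "\n".join(body)
            name, body, line = m.group(1), [], m.group(2)
        body.append(line)
        depth += line.count("(") - line.count(")")
    if name is not None:
        entries[name.upper()] = "\n".join(body)
    return entries


def blocks(body, keyword):
    """Return every balanced '(KEYWORD = ...)' block found inside body."""
    found = []
    for m in re.finditer(r"\(\s*" + keyword + r"\s*=", body, re.I):
        depth = 0
        for i in range(m.start(), len(body)):
            depth += (body[i] == "(") - (body[i] == ")")
            if depth == 0:
                found.append(body[m.start():i + 1])
                break
    return found


def audit_listener_ora(text):
    """Return (listener, issue) pairs for listeners that expose or co-host extproc."""
    entries = parse_entries(text)
    findings = []
    for name, body in sorted(entries.items()):
        if not name.startswith("SID_LIST_"):
            continue
        listener = name[len("SID_LIST_"):]
        descs = blocks(body, "SID_DESC")
        ext = [d for d in descs if EXTPROC_RE.search(d)]
        if not ext:
            continue
        # Endpoints live in the matching LISTENER entry, not in the SID_LIST.
        protos = {p.upper() for p in PROTOCOL_RE.findall(entries.get(listener, ""))}
        if protos & {"TCP", "TCPS"}:
            findings.append((listener, "extproc reachable over TCP"))
        if len(ext) != len(descs):
            findings.append((listener, "serves both extproc and database SIDs"))
    return findings


def tnsnames_extproc_aliases(text):
    """Aliases whose CONNECT_DATA still points at the extproc agent."""
    return sorted(n for n, b in parse_entries(text).items()
                  if any(EXTPROC_RE.search(c) for c in blocks(b, "CONNECT_DATA")))
```

Run it against the real files with audit_listener_ora(open(path).read()) and
tnsnames_extproc_aliases(open(path).read()). The constructed default layout
produces two findings for LISTENER (reachable over TCP, and shared with a
database SID); the split layout of step 1 produces none, because the extproc
SID sits on a listener that only has an IPC address. The check is purely
configuration-based: it does not tell you whether the extproc binary is still in
the bin directory or whether the listener has been reloaded since the edit.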