Already a member?
Sign in
Welcome! Wikis are websites that everyone can build together. It's easy!
Location: Data Pump Export (expdp) and Data Pump Import(impdp)
Discussion: Data Pump Security
Keyword tags:
data pump
expdp
export utility
impdp
import utility
Watch
|
Moles Moles |
Data Pump Security
Jan 23 2008, 3:30 PM EST It appears that when invoking impdp or expdp there is no choice but to supply both username and password on the command line. This is a gross security violation in an environment where non-privileged users have any kind of shell access to a (UNIX) server. Oracle Corp. should know better - shame on you! 13 out of 31 found this valuable. Do you? |
 Ninja-Geek |
RE: Data Pump Security
Jan 28 2008, 2:01 PM EST You just need to think outside the box: [oracle@is414pro ~]$ expdp schemas=fun dumpfile=fun_dir:expdp.dat <<DONE > / as sysdba > DONE ..... Connected to: Oracle Database 11g Enterprise Edition Release 11.1.0.6.0 - Production With the Partitioning, OLAP, Data Mining and Real Application Testing options Starting "SYS"."SYS_EXPORT_SCHEMA_01": /******** AS SYSDBA schemas=fun dumpfile=fun_dir:expdp.dat 5 out of 13 found this valuable. Do you? |
|
Moles Moles |
RE: Data Pump Security
Jan 28 2008, 3:42 PM EST That's certainly a workaround but there should be no need for a workaround. When running jobs that require non-trivial parameters it is nearly inevitable that a parameter file will be used. All Oracle Corp. needed to do was maintain the exp/imp capability of placing credentials in that file. Removing that option is more than just unfortunate - it's plain sloppy. 5 out of 15 found this valuable. Do you? |