Category Archives: infosec

#Old Error Message #New Error Message Well, that makes it easier. I believe this will help people new to writing sql, I remember quite well when I was first learning, I would struggle understanding the error messages.

We’ve been using the dual table to return information on functions for longer than I care to think about. Now, in 23c you don’t need to include “from dual” in your code.

I love working from the command line. Now, don’t get me wrong, I spend quite a bit of time in #sqldeveloper and love it. Quite a few of my scripts reside on my laptop where I can use my editor … Continue reading →

When you have developers, sometimes it’s challenging to determine just what roles they need. If you’re not careful, you’ll over privilege an account and just as anoying you may wind up under privilege an account and need to go back … Continue reading →

When coming into a new environment and trying to learn a bit about the data my customer has; one of the tools I use is to grab histograms of key data. Now in sqlcl and sql developer you have the … Continue reading →

There has been something that’s bothered me for a long time, Oracle 23c addresses it. In the old days, a database could be copied over to another machine along with it’s auto-login wallet; and the auto-login wallet would work. In … Continue reading →

In the old days before Oracle 23c, you had two options when creating build scripts. 1) Take the error message such as ORA-00942 Table or View does not exists, or you could write pl/sql and trap the error like this. … Continue reading →

In Oracle 23c we can now grant privileges on a schema to a user. Now, in previous versions of Oracle, you never wanted to grant with the “ANY” clause; however, now we can just apply that to a schema. In … Continue reading →

“Welcome to Grey Beards #2 with Oracle ACE Director Craig Shallahamer, where we delve into the exciting world of Oracle technology and beyond! In this episode, we’re discussing the back story behind the sale of OraPub to Viscocity, the impact … Continue reading →

There are days when I honestly want to hang up my spurs and retire. To be honest, the problem is not with TDE; it’s with some people not understanding how TDE works. There are a couple ways you can implement … Continue reading →

We’ve come a long way from 10g XE to 23c Free Developers edition. Oracle 23c Free Developers Release

Roger Cormejo and I discuss tactics you can use to protect yourself and make yourself relevant.

I’ve been working learning Oracle Machine Learning and noticed a new feature this morning. You now have the ability to run R scripts in scratchpad.

If you use datapump to get an export of your database, then please encrypt your exports. Even if you’re using TDE, this spillage can happen. To fix this, use the encryption parameter on the command line. This will prevent data … Continue reading →

–As a user with create role privileges and the ability to grant — the required privileges to the role. ie: DBA conn rob_dba@demo create role <role>; grant <privilege> on <object owner>.<object name> to <role>; grant <role> to <package owner> with … Continue reading →

After migrating your database to OCI; if you don’t need the data anymore on your local system(s), you should do a secure delete on all your local datafiles. If you are going to need the data again, then move the … Continue reading →

Do you see the problem with the following code fragment?c##sec_admin > administer key management set keystore open identified by SecretPassword; If your network is not encrypted, your password will be sent in the clear. This is part of the huge advantage … Continue reading →

Ya’ know, it’d be really nice if someone put together some baseline security standards for the Oracle database. Well, you can find those is a couple of places. These tools checklist are free to use. Now, I’m partial to the … Continue reading →

Oracle AFDF can track the usage of sensitive data in your database, this includes, who can access, who has made changes, and access by privileged users. Improving your ability to keep an eye on what is happening with sensitive data. … Continue reading →