Tag Archives: pl/sql

Upcoming Talks

Posted on August 9, 2018 by rlockard

POUG: 7-8.09.2018 (booked) PL/SQL Secure Coding Practices ECOUG: 18-19.09.2018 (booked) Holistic Database Security BGOUG: 16-18.11.2018 (planned) Blockchain a primer. There is a lot of confusion about the blockchain. Blockchain is not crypto currency, block chain is the one part of the … Continue reading →

Posted in infosec | Tagged blockchain, infosec, justice, pl/sql, Security | Leave a comment

Putting #CodeBasedAccessControl to work. #CBAC #Database #infosec #Oracle #TrustedPath

Posted on March 19, 2018 by rlockard

Grab a cup of coffee or a cup of tea. This is not a short post; There is a lot to explain, and many point are repeated. You need to understand all the in’s and out’s of CBAC. However; once … Continue reading →

Posted in Code Based Access Control, Database Stuff, infosec, PL/SQL, Security, Trusted Path | Tagged CBAC, Code Based Access Control, infosec, oracle, pl/sql, secure coding, Trusted Path | Leave a comment

Update to my earlier #quicktip on setting #plsql scope and warnings.

Posted on February 23, 2018 by rlockard

I noticed a error in my code for setting PLSCOPE_SETTINGS and PLSQL_WARNINGS. QuicTip Logon.sql What I did was get the instance name out of v$instance to figure out if I was connecting to a production environment or one of the lower environments. The … Continue reading →

Posted in Database Stuff, Life of a Oracle DBA, PL/SQL | Tagged logon.sql, oracle, pl/sql, PLSCOPE, PLSCOPE_SETTINGS, PLSQL_WARNINGS, quick tip, quicktip, sys_context | Leave a comment

@Oracle 12.2.0.1 Cool new features to improve security. Part 1 Enhanced Whitelists PL/SQL

Posted on March 8, 2017 by rlockard

In Oracle 12.1 the ACCESSIBLE BY clause was introduced to the PL/SQL language. This gives the developer the ability mark a package, procedure, function, or type with what was allowed to call it. 12.2 gives us fine grained control over … Continue reading →

Posted in Database Stuff, infosec, PL/SQL, Security, Trusted Path | Tagged infosec, oracle, pl/sql, SecureCoding | Comments Off

PL/SQL Security Coding Practices. Introduction to a better architecture part 1.

Posted on December 10, 2016 by rlockard

I have been seeing this database architecture for over thirty years and it’s high time we stopped using it. Before I go too far, let me tell you I get it, you have pressure to get the application out the … Continue reading →

Posted in infosec, Security, Trusted Path | Tagged infosec, pl/sql, Security, trustedpath | Leave a comment