msgbartop
News, views, tips and tricks on Oracle and other fun stuff
msgbarbottom

Daily Roundup of News, Tips and Tricks for 2010-02-04

  • Tanel Poder's PerfSheet tool to visualize Statspack reports.
  • It could be something that helps you upgrade to later versions? Maybe a new feature which will allow Forms to more easily use a feature of the platform? Could it be you want your end Forms application to look and behave differently? Something to help debugging or tracing your code?
  • In Oracle Database 11g, the partitioning schemes have been greatly expanded to offer more functionality, including the ability to define new composite partitioning, choose a partition interval, specify a foreign key to inherit the partitioning key of its parent table, and partition on virtual columns.
  • Prior to 11g, Oracle did not have a simple table pivot feature. 11g has changed that, and the pivot clause is certainly useful. It requires, however, an aggregation calculation in the intersection. But what if you already have the data to populate in the intersection area? Or, you may no longer have the raw data to aggregate it again. In that case, you are forced to trick it to get an aggregation in.
  • A computer security expert has uncovered what he says are flaws in widely used software from Oracle Corp that could let hackers remotely access sensitive information in corporate and government databases.

Filed in Links on 04 Feb 10


Reader's Comments

  1. |

    A computer security expert has uncovered what he says are flaws in widely used software from Oracle Corp that could let hackers remotely access sensitive information in corporate and government databases.

    Eddie, why on earth would an Oracle ACE publish links that help crimimals find new ways to hacking Oracle and stealing data?

    You are doing a tremendous disservice to the Oracle community, it’s not a nice thing to do . . .

    Helping the bad guys find hacks is called aiding an abetting . . .

    You don’t need to post this, I only hope that you have the good sense to remove that link, at least until the fix is published. .

  2. |

    Don, do you want the DBAs to be in the dark about this exploit?

    In the past 24 hours alone there have been thousands of dedicated (not only links to) posts about this all over the Internet http://bit.ly/apQFMt I don’t know why you just pick on me.

    One of these posts is Alexander Kornbrust’s http://bit.ly/c1MDDn in which he mentioned a workaround: “For security reasons you should revoke the PUBLIC privileges from DBMS_JVM_EXP_PERMS, DBMS_JAVA and DBMS_JAVA_TEST”.