tag:blogger.com,1999:blog-27482298.post8685954895502092899..comments2024-02-25T22:29:18.572+00:00Comments on Andrew's Oracle Blog: ORA-28405Unknownnoreply@blogger.comBlogger1125tag:blogger.com,1999:blog-27482298.post-18189990606999100912015-12-16T15:31:49.396+00:002015-12-16T15:31:49.396+00:00Yes it's good to see that Oracle finally fixed...Yes it's good to see that Oracle finally fixed that as I always considered that a "hole" in the intended design. And not necessarily for malicious by-passing of security but rather security that could "accidentally" be by-passed by the DBAs by granting nested roles.<br /><br />However surprisingly I see very few implementations of role security. Which I would consider a reasonably good mechanism for preventing end users or developers from circumventing the application and connecting to the databases directly using unauthorized tools.<br /><br />Nice article showing exactly the problem and Oracle's solution. And thanks for attending my presentation at UKOUG.Anonymoushttps://www.blogger.com/profile/12300303621501206104noreply@blogger.com