Call: +44 (0)1904 557620 Call
Blog

Pete Finnigan's Oracle Security Weblog

This is the weblog for Pete Finnigan. Pete works in the area of Oracle security and he specialises in auditing Oracle databases for security issues. This weblog is aimed squarely at those interested in the security of their Oracle databases.

[Previous entry: "Red Database Security has released a standalone Oracle password cracker"] [Next entry: "Details of the Oracle password algorithm were revealed by its creator in 1993"]

undocumented Oracle?



There has been a flurry of blog posts from Radoslav, http://oracledoug.blogspot.com/2005/08/jonathan-debunks-another-don-article.html - (broken link) Doug, Jonathan Lewis and from http://tkyte.blogspot.com/2005/08/getting-credible-information.html - (broken link) Tom Kyte all about a paper written by Don titled "Undocumented secrets for super-sizing your PGA" that was recently released.

I like undocumented and hard to find information so I am always interested by papers like this. I won't get into the for and against of this particular article and the opposers, Radoslav has done a good job of summarising the current state of this farce in his post "The Don Burleson's article"

I wanted to highlight this post not for many of the reasons that others have quoted but for one reason in particular. This is that whilst undocumented information is interesting to know it should not be used in production databases under any circumstances, also hidden parameters should never be set unless Oracle support direct you to do so.