
Here We Go Again - The First Release Blues

By Eric Gross | September 4, 2007

Well, just in case anyone was rushing out to implement Oracle 11g databases, there is new research that finds flaws in the 11g release, opening up new holes for malicious actors to circumvent the security intentions of database owners. Even the highly touted new releases of Oracle Database Vault and Oracle Audit Vault are vulnerable.

Link: ‘Stupid’ Holes Reported in Oracle 11g.

Something I found even more interesting is at the end:

Citing the example of one German company that has 8,000 Oracle databases, Kornbrust said rolling out a single patch can require 32,000 hours of labor, or four hours per database. That translates into 60 full-time database administrators and does not take into account the time and expense required for testing the patch on each database, he said.

Moreover, for each vulnerability that gets patched, Oracle must develop a patch for every version of its database that’s supported, with a version of each for every hardware platform and operating system the database runs on. That amounts to around 100 separate patches for every vulnerability, Kornbrust said.

These comments sing to me like birds in the morning. Every time someone realizes how difficult it is to keep their database infrastructure up to snuff, a new candidate for automation is born. The solution to the insurmountable task of keeping out the bad guys (especially those whom you trust) is automation.

Topics: 11g, Database Automation, Patches, Repeatability, Security

One Response to “Here We Go Again - The First Release Blues”

  1. Highlights of a Successful IT Professional | GridApp Systems Blog Says:
    December 4th, 2007 at 12:33 pm

    [...] 11g is finally here, time to start working out the kinks. [...]
