dbms_sheduler jobs

I read in blog from Pete Finnigan about the potential security hole in DBMS_SCHEDULER package.

DBMS_SCHEDULER as a new alternative for DBMS_JOB by Patrick Sinke

Note that on some OS, like AIX5L / oracle, the job runs as ORACLE, not as NOBODY

Published by

Laurent Schneider

Oracle Certified Master

One thought on “dbms_sheduler jobs”

  1. but it does not run binaries, just interpreted shell scripts, so if you do not access to the system, you probably will not find a script to harm… you cannot run something like rm or mkdir

Leave a Reply