
  • Gives experiments sufficient lead time for such security-related changes. This would typically be at least one year.
  • Discusses in detail with the experiment the need for such changes.
  • Ensures that an accurate assessment of the manpower required to implement changes is established at the outset, including manpower needed to research solutions before deciding on and implementing the chosen solution.
  • Where possible the manpower to implement such security changes should come at least in part from SCCS itself. The resulting solutions should be documented and made available to everyone in the lab.

Background details

Oracle wallet

Oracle wallet gives the appearance of having been written by a high-school student on their first programming assignment. In particular:

  1. It is not really a secure password store: passwords can be extracted in plain text if you have the store password. Oracle itself can bypass using the store password, but it is not entirely clear what mechanism it uses to do that, and how securely it is implemented.
  2. The options needed to create and modify credentials are not included in the documentation provided by the -help option.
  3. The program outputs bizarre messages which appear to be leftover debugging printouts.
  4. When prompting for a password the program continually emits spaces in a not entirely successful attempt to hide the input password. This results in programs like PuTTY consuming 100% of available CPU time whenever Oracle prompts for a password, making it nearly impossible to enter the password. To circumvent this I had to create a script to create the wallet containing not only the wallet password but all of the Oracle account passwords. Hopefully I will remember to delete this soon (but not until I am sure I won't have to recreate the wallet).
  5. The whole concept of the wallet seems to have been ill thought out (for example the need to create many aliases for the same DB connection so that each alias can use a different account).
  6. Most seriously, the password store seems to simply fail with certain aliases. For example pipeline does not work, but pipeline-ii does work as an alias. Approximately 30% of our original aliases did not work (there is no error message, Oracle simply refuses to use these wallet entries when logging on and says "invalid login/password"). We wasted a lot of time trying to understand this, but failed and had to just experiment with different aliases until we got things to work, resulting in the use of strange aliases like pipelineProd. (This bug seems so bizarre I still can't really believe it, but it was totally reproducible and we can see no pattern in what works and what doesn't work.)