I am wondering how safe or maybe it's even possible to possess a website pull data from the Oracle database on the remote server?

What and just how large would be the security difficulties with this?


  • Dane

Is it feasible? Yes. Could it be safe? Not unless of course you are (carefully and correctly) using advanced security measures including authentication (beyond simple passwords) and file encryption, or some kind of VPN. I'm able to understand corporate's hesitancy to permit online connections to it's database. Patches should be diligently applied. Slip-ups in implementations could be very pricey.

Have a look in the quarterly critical patch updates that emerge from Oracle regarding security, and you will understand why it's harmful to reveal an oracle database to the web. The amount of weaknesses permitting unauthenticated SYS level accessibility database is frightening.