Subject: Re: Oracle WebDb engine brain-damage
From: sporty o'one (sportySPORTY.ORG)
Date: Fri Dec 22 2000 - 04:50:15 CST


>On Wed, 20 Dec 2000, McAllister, Andrew wrote:
>
>> This is not to say that you can't issue some dangerous commands as you
>> suggest, just that you won't see any data as a result. Also, I believe
>> that only data manipulation commands will work in this context e.g.
>> delete, update, insert. I don't believe definition commands will work,
>> e.g. drop, create. Again I don't have WebDB, so I cannot verify.
>
>I believe you can do at least one of these possibilities:
>
>- SELECT <pattern> INTO <sth> FROM <table> to move sensitive data
> from some private table to publicly available tables used eg. for
> direct contents rendering,

Just to aggravate the scratch,

SELECT table_name FROM user_tables

>- call WebDB output procedures to produce output (you can use full
> PL/SQL language syntax, including loops, declarations etc).

I think the PL/SQL is dbms_output or something. Point being you can do
PL/SQL with cursors and get what you want =)
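
The exposure discussed in this thread can be measured from the defender's side. The following is an added example, not part of the original post: an Oracle data-dictionary audit, assuming you can connect as the database account the web front end runs under, that lists what any statement executed as that account could reach (the `user_tables` query above is its first step) and whether definition commands such as create and drop are available to it.

```sql
-- Added example (not from the original thread).
-- Assumption: run while connected as the account the web application uses.

-- 1. Tables owned by this account. This is what
--    "SELECT table_name FROM user_tables" returns; the owner holds all
--    object privileges on them, so they are fully readable and modifiable.
SELECT table_name
  FROM user_tables
 ORDER BY table_name;

-- 2. Tables in other schemas that this account can see at all.
--    Anything sensitive listed here is reachable from the web account.
SELECT owner, table_name
  FROM all_tables
 WHERE owner <> USER
   AND owner NOT IN ('SYS', 'SYSTEM')
 ORDER BY owner, table_name;

-- 3. Object privileges granted directly to this account, showing whether
--    it can only read or can also insert, update or delete.
SELECT owner, table_name, privilege, grantable
  FROM user_tab_privs
 WHERE grantee = USER
 ORDER BY owner, table_name, privilege;

-- 4. System privileges active in this session (direct or through roles).
--    CREATE/DROP/ALTER and any "ANY" privilege answer the question of
--    whether definition commands would succeed.
SELECT privilege
  FROM session_privs
 WHERE privilege LIKE 'CREATE%'
    OR privilege LIKE 'DROP%'
    OR privilege LIKE 'ALTER%'
    OR privilege LIKE '%ANY%'
 ORDER BY privilege;

-- 5. Roles held by the account; broad roles are the usual source of
--    privileges found in step 4.
SELECT granted_role, admin_option, default_role
  FROM user_role_privs
 ORDER BY granted_role;
```

Rows in steps 2 to 5 that the application does not need are candidates for revocation, so that the web account holds only the privileges its pages require.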