Friday, March 10, 2006

My first Oracle WTF

Fame at last! Oracle WTF has accepted my first submission. This was a suggestion in an OTN forum thread on recovering passwords; the poster proposed amending the password verification function to store the username and password in a normal table. It takes a rare kind of mind to come up with ideas like that, subverting the password checker to ensure that every password is long, strong and known to everyone with SELECT ANY TABLE privilege.

2 comments:

Anonymous said...

congrats.
The only thing missing is a routine to mail out each day's password changes to any interested parties.
others have used larry.ellison@oracle.com as a recipient - someone that likes to be known as "Voyager", I believe.

-bdbafh

Anonymous said...

with rss/atom subscription