Today, I will write about an extremely cool feature introduced in the Data Guard component of Oracle Database: Active Data Guard DML Redirection.
It was officially introduced in Oracle 19c, but was also present in the 18c version via the underscore parameter "_enable_proxy_adg_redirect=true".
SQL> alter session enable adg_redirect_dml;
With this feature, you can run DML operations on Active Data Guard standby databases. This enables you to run read-mostly applications, which occasionally execute DMLs, on the standby database. So imagine a reporting application that needs to create some staging tables, but that could not run on the ADG standby before because it was a fully read-only environment. Now, this is no longer a problem.
The only issue I see with this feature is that it is controlled by a session-modifiable parameter. In other words, any database user can enable it for himself on the standby side.
Drawback:
However, starting with 19c, any user connected to the Data Guard environment could potentially change data in production, as long as the user has the appropriate grants on the primary to do so. Thus, relying on the standby being a "read-only" environment is not enough protection anymore. All the protections applied on the primary should be extended to the Data Guard standbys.
Solution:
I'm not sure, but this seems to be a potentially insecure feature. I found two options on the internet, but I haven't tested them yet.
* Totally disabling the database links on the standby database.
* Creating a logon trigger on the primary blocking connections coming from the standby database.
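One way the second option could look, as an added example that is not code from this post or from Oracle. It assumes redirected sessions reach the primary over Oracle Net, so that `IP_ADDRESS` in the `USERENV` context reports a standby host address; confirm this, and that redo transport keeps working, on a test Data Guard configuration. The trigger name and the 192.0.2.x addresses are placeholders.

```sql
-- Added example. Create as a DBA on the primary; the definition reaches the
-- standby through redo apply, so the body has to check the current role.
CREATE OR REPLACE TRIGGER block_standby_logons   -- hypothetical name
AFTER LOGON ON DATABASE
DECLARE
  -- Client address of the new session; NULL for local (bequeath) logons.
  l_ip   VARCHAR2(64)  := SYS_CONTEXT('USERENV', 'IP_ADDRESS');
  -- PRIMARY, PHYSICAL STANDBY, LOGICAL STANDBY or SNAPSHOT STANDBY.
  l_role VARCHAR2(30)  := SYS_CONTEXT('USERENV', 'DATABASE_ROLE');
  l_user VARCHAR2(128) := SYS_CONTEXT('USERENV', 'SESSION_USER');
BEGIN
  -- Enforce only where this database currently runs as the primary.
  -- After a switchover the old primary host becomes the standby, so the
  -- list must hold the addresses of every host that can take either role.
  -- A NULL l_ip makes the IN test unknown, so local logons pass through.
  IF l_role = 'PRIMARY'
     AND l_ip IN ('192.0.2.21', '192.0.2.22')   -- placeholder addresses
  THEN
    RAISE_APPLICATION_ERROR(
      -20001,
      'Logon from a standby host is not allowed on the primary (user '
        || l_user || ')');
  END IF;
END;
/

-- Quick check from a session opened on one of the listed hosts:
--   SELECT SYS_CONTEXT('USERENV', 'IP_ADDRESS')    AS client_ip,
--          SYS_CONTEXT('USERENV', 'DATABASE_ROLE') AS db_role
--   FROM   dual;
```

An error raised in a logon trigger does not stop users who hold the ADMINISTER DATABASE TRIGGER privilege (SYS and DBA accounts), so this only constrains ordinary application and reporting users.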
Reference document:
Active Data Guard DML Redirection 19c (Doc ID 2465016.1)