The database baseline of China's Classified Protection scheme (等保) requires that default accounts be renamed or deleted and that their default passwords be changed.
Some security vendors go a step further and recommend renaming the default SYS and SYSTEM accounts so that well-known user names are not exposed.
Oracle 11.2.0.2 introduced the hidden parameter _enable_rename_user, which switches on a user-rename feature. It can rename ordinary users while the instance is in RESTRICT mode, but it cannot be applied to SYS or SYSTEM.
Some DBAs therefore rename SYS by force, updating the base data dictionary table USER$ directly, for example:
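As an added example (not code from the original post), the following SQL*Plus script shows the compliant alternative to editing USER$: the rename path that _enable_rename_user opens up for an ordinary user, and the password and lock handling that is the only supported treatment of SYS and SYSTEM. The user names SCOTT, HR and APP_OWNER and every password are placeholders; _enable_rename_user and the ALTER USER ... RENAME TO syntax are undocumented, so they are stated here as an assumption to be verified on a test instance and used only with Oracle Support's agreement.

```sql
-- Added example, not from the original post. Assumptions: Oracle 11.2.0.4
-- started from an spfile, run in SQL*Plus AS SYSDBA; SCOTT, HR, APP_OWNER
-- and every password below are placeholders.

-- 1. Inventory: which accounts still use the shipped default password?
select username from dba_users_with_defpwd order by username;

-- 2. SYS and SYSTEM: the supported control is a strong, rotated password
--    (plus auditing), never a rename. The name SYS is hard-coded in the kernel.
alter user sys    identified by "Ch4nge-Me-Sys#1";
alter user system identified by "Ch4nge-Me-System#1";

-- Sample or unused default schemas: lock and expire them instead of renaming.
alter user hr account lock password expire;

-- 3. Ordinary users can be renamed with the hidden 11.2.0.2+ parameter.
--    Undocumented: verify on a test instance and use only with Oracle Support's
--    agreement. The instance must be in RESTRICT mode for the rename.
alter system set "_enable_rename_user" = true scope=spfile;
shutdown immediate
startup restrict
alter user scott rename to app_owner identified by "Ch4nge-Me-App#1";

-- 4. Verify through the documented view, then remove the parameter again
--    and return the instance to normal service.
select user_id, username from dba_users where username in ('SCOTT', 'APP_OWNER');
alter system reset "_enable_rename_user" scope=spfile sid='*';
alter system disable restricted session;
```

The rename in step 3 goes through Oracle's own code path, so every dependent dictionary row is updated consistently; that is exactly what a direct UPDATE of USER$ does not do.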
update user$ set name='KURU' where name='SYS';
The update itself succeeds, but the next restart of the database raises ORA-600 [kokasgi1] and the database cannot be opened.
Reproducing and locating the problem
Simulate the change by updating USER$ directly:
SQL> update user$ set name='KURU' where name='SYS';
1 row updated.
SQL> commit;
Commit complete.
SQL> alter system flush buffer_cache;
System altered.
SQL> select name from user$ where user#=0;
NAME
------------------------------
KURU
Shut the database down and restart it:
SQL> shutdown immediate;
Database closed.
Database dismounted.
ORACLE instance shut down.
SQL> exit
Disconnected from Oracle Database 11g Enterprise Edition Release 11.2.0.4.0 - 64bit Production
With the Partitioning option
[oracle@recover-db ~]$ sqlplus "/as sysdba"
SQL*Plus: Release 11.2.0.4.0 Production on Wed Dec 2 11:28:32 2020
Copyright (c) 1982, 2013, Oracle. All rights reserved.
Connected to an idle instance.
SQL> startup mount;
ORACLE instance started.
Total System Global Area 3624542208 bytes
Fixed Size 2258440 bytes
Variable Size 1342179832 bytes
Database Buffers 2264924160 bytes
Redo Buffers 15179776 bytes
Database mounted.
SQL> alter session set events='10046 trace name context forever , level 12';
Session altered.
SQL> alter database open;
alter database open
*
ERROR at line 1:
ORA-01092: ORACLE instance terminated. Disconnection forced
ORA-00600: internal error code, arguments: [kokasgi1], [], [], [], [], [], [],
[], [], [], [], []
Process ID: 11248
Session ID: 1563 Serial number: 3
SQL> exit
Relevant portion of the 10046 trace:
=====================
PARSING IN CURSOR #47615205346312 len=189 dep=1 uid=0 oct=3 lid=0 tim=1606889873758962 hv=186852205 ad='11f8d9df8' sqlid='2tkw12w5k68vd'
select user#,password,datats#,tempts#,type#,defrole,resource$, ptime,decode(defschclass,NULL,'DEFAULT_CONSUMER_GROUP',defschclass),spare1,spare4,ext_username,spare2 from user$ where name=:1
END OF STMT
PARSE #47615205346312:c=35,e=661,p=0,cr=0,cu=0,mis=1,r=0,dep=1,og=4,plh=0,tim=1606889873758961
BINDS #47615205346312:
Bind#0
oacdty=01 mxl=32(03) mxlc=00 mal=00 scl=00 pre=00
oacflg=18 fl2=0001 frm=01 csi=873 siz=32 off=0
kxsbbbfp=2b4e476687b8 bln=32 avl=03 flg=05
value="SYS"
EXEC #47615205346312:c=880,e=949,p=0,cr=0,cu=0,mis=1,r=0,dep=1,og=4,plh=1457651150,tim=1606889873760024
WAIT #47615205346312: nam='db file sequential read' ela= 20 file#=1 block#=417 blocks=1 obj#=46 tim=1606889873760110
FETCH #47615205346312:c=87,e=86,p=1,cr=1,cu=0,mis=0,r=0,dep=1,og=4,plh=1457651150,tim=1606889873760145
STAT #47615205346312 id=1 cnt=0 pid=0 pos=1 obj=22 op='TABLE ACCESS BY INDEX ROWID USER$ (cr=1 pr=1 pw=0 time=87 us)'
STAT #47615205346312 id=2 cnt=0 pid=1 pos=1 obj=46 op='INDEX UNIQUE SCAN I_USER1 (cr=1 pr=1 pw=0 time=86 us)'
CLOSE #47615205346312:c=5,e=5,dep=1,type=0,tim=1606889873760250
Incident 192178 created, dump file: /u01/app/oracle/diag/rdbms/testdb11/testdb11/incident/incdir_192178/testdb11_ora_11248_i192178.trc
ORA-00600: internal error code, arguments: [kokasgi1], [], [], [], [], [], [], [], [], [], [], []
ORA-00600: internal error code, arguments: [kokasgi1], [], [], [], [], [], [], [], [], [], [], []
ORA-00600: internal error code, arguments: [kokasgi1], [], [], [], [], [], [], [], [], [], [], []
The trace shows the recursive SQL that the open phase runs against USER$, bound with the literal user name (value="SYS"), probing the unique index I_USER1 and fetching no rows (r=0, cnt=0); the next entry is the ORA-00600 [kokasgi1] incident. The check of the base data dictionary during startup therefore fails and the database cannot be opened.
From this it can also be inferred that the user name SYS is hard-coded in Oracle's own logic, so changing it by force breaks the instance.
For this error, the database can be repaired by using gdb to suspend the startup process and then correcting the data dictionary by force; after that the database runs normally.
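As an added example (not from the original post), the following SYSDBA script is the check a DBA would run before any planned shutdown to catch exactly this tampering while the database is still open, together with the undo for the USER$ change. It assumes the standard dictionary numbering in which SYS is user# 0 (as the post's own output shows) and SYSTEM is user# 5; the expected-name table is the only thing to adjust for a non-standard database.

```sql
-- Added example, not from the original post. Assumption: standard dictionary
-- numbering (SYS = user# 0, SYSTEM = user# 5). Run AS SYSDBA in SQL*Plus.
set serveroutput on

declare
  -- expected hard-coded core accounts, keyed by USER#
  type t_names is table of sys.user$.name%type index by pls_integer;
  v_expected t_names;
  v_actual   sys.user$.name%type;
  v_bad      pls_integer := 0;
  i          pls_integer;
begin
  v_expected(0) := 'SYS';
  v_expected(5) := 'SYSTEM';

  i := v_expected.first;
  while i is not null loop
    begin
      select name into v_actual from sys.user$ where user# = i;
    exception
      when no_data_found then v_actual := '<missing>';
    end;
    if v_actual <> v_expected(i) then
      v_bad := v_bad + 1;
      dbms_output.put_line('user# ' || i || ' is ' || v_actual ||
                           ', expected ' || v_expected(i));
    end if;
    i := v_expected.next(i);
  end loop;

  if v_bad > 0 then
    -- refuse silently passing: a restart now would end in ORA-600 [kokasgi1]
    raise_application_error(-20001,
      'USER$ core accounts have been altered; do not restart until repaired');
  end if;
  dbms_output.put_line('USER$ core accounts OK');
end;
/

-- The documented view shows the same rows without touching USER$ directly.
select user_id, username from dba_users where user_id in (0, 5);

-- Undo for the post's change, keyed on USER# rather than NAME: after the
-- tampering, "where name = 'SYS'" matches nothing, which is exactly what the
-- startup query in the trace ran into. Run while the database is still open,
-- or from the gdb-suspended startup the post describes.
update sys.user$ set name = 'SYS' where user# = 0 and name <> 'SYS';
commit;
```

The point of keying the undo on user# is that the row's identity survives the rename while its name does not; the same holds for the startup lookup, which is why Oracle's kernel, looking the row up by its hard-coded name, finds nothing and aborts.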