Which has the higher priority in your organization: Deploying a new database or securing the ones you already have?
Looking for a website, and resources, dedicated solely to securing Oracle databases? Check out DBSecWorx.
Maintain the Trusted Servers List. These procedures are used to define whether a server is trusted. If a database is not trusted, Oracle refuses current user database links from the database
Owned by SYS with EXECUTE granted to the EXECUTE_CATALOG_ROLE role
ALLOW_ALL only applies to the servers listed as trusted at the Central Authority. DENY_SERVER provides a way to indicate that, even though allow all is indicated in the list, a specific server is to be denied.
Similarly, ALLOW_SERVER provides a way to indicate that even though deny all is indicated in the list, some specific servers are to be allowed access.
CREATE OR REPLACE FORCE VIEW ku$_trlink_view
OF ku$_trlink_t WITH OBJECT IDENTIFIER(name) AS
SELECT '1', '0', tl.dbname,
DECODE(tl.dbname, '+*', 'DBMS_DISTRIBUTED_TRUST_ADMIN.ALLOW_ALL',
'-*', 'DBMS_DISTRIBUTED_TRUST_ADMIN.DENY_ALL', fdef.function),
DECODE(tl.dbname, '+*', 0, '-*', 0, 1)
FROM sys.trusted_list$ tl, (
'-*', 'DBMS_DISTRIBUTED_TRUST_ADMIN.ALLOW_SERVER') FUNCTION
WHERE dbname like '%*') FDEF
WHERE (SYS_CONTEXT('USERENV','CURRENT_USERID') = 0
OR EXISTS (SELECT * FROM session_roles WHERE role='SELECT_CATALOG_ROLE'));