Which has the higher priority in your organization: Deploying a new database or securing the ones you already have?
Looking for a website, and resources, dedicated solely to securing Oracle databases? Check out DBSecWorx.
Purpose
Undocumented but the SYS.DBMS_ASSERT package, plus the functionality of the ASSERT_WS function give an indication that the intention may be related to preventing SQL Injection.
AUTHID
DEFINER
Dependencies
DBMS_ASSERT
LTRIC
OWM_IEXP_PKG
DUAL
LTUTIL
OWM_MIG_PKG
LT
LT_EXPORT_PKG
OWM_MP_PKG
LTADM
OWM_BULK_LOAD_PKG
OWM_VSCRIPT_PKG
LTDDL
OWM_CPKG_PKG
UD_TRIGS
LTDTRG
OWM_DDL_PKG
WM_DDL_UTIL
LTI
OWM_DYNSQL_ACCESS
Documented
No
First Available
12.2
Security Model
Owned by WMSYS with no privileges granted
Direct access to this package is prevented by means of an Accessible By clause.
In versions 12.2 through 18.3 this function was not protected with the ACCESSIBLE BY clause
owm_assert_pkg.verifycallstack;
exec wmsys.owm_assert_pkg.verifycallstack;
BEGIN wmsys.owm_assert_pkg.verifycallstack; END;
*
ERROR at line 1:
ORA-06550: line 1, column 7:
PLS-00904: insufficient privilege to access object OWM_ASSERT_PKG
ORA-06550: line 1, column 7:
PL/SQL: Statement ignored