php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login

go to bug id or search bugs for

Request #56723 Privileged connection
Submitted: 2005-12-14 04:43 UTC Modified: 2013-10-15 11:54 UTC
Votes:1
Avg. Score:4.0 ± 0.0
Reproduced:1 of 1 (100.0%)
Same Version:1 (100.0%)
Same OS:1 (100.0%)
From: s dot zurnieden at media-control dot com Assigned:
Status: No Feedback Package: *General Issues
PHP Version: 5.1.1 OS: Linux 32 (SuSE)
Private report: No CVE-ID: None
View Developer Edit
Welcome back! If you're the original bug submitter, here's where you can edit the bug or add additional notes.
If you forgot your password, you can retrieve your password here.
Password:
Status:
Package:
Bug Type:
Summary:
From: s dot zurnieden at media-control dot com
New email:
PHP Version: OS:

 

 [2005-12-14 04:43 UTC] s dot zurnieden at media-control dot com 
Description:
------------
PDO_OCI 1.0
Oracle 10GR2(x86_64)

For the moment it seems that it isn't possible to connect to an oracle database with a priviledged connection (as sysdba).

In some cases this could be very useful to connect as sysdba.

Maybe this can be done via a connection dsn paramter like session_mode=sysdba or something like that.

So a full connection dsn could be:
oci:dbname=myoraclesid;session_mode=sysdba

Kind regards,
Sven Zurnieden

Reproduce code:
---------------
<?php
$connect_dsn = 'oci:dbname=myoraclesid';
$oracle_uname = 'sys';
$oracle_upass = 'syspasswd';

try{
    $database = new PDO($connect_dsn, $oracle_uname, $oracle_upass);
    $database->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $database->setAttribute(PDO::ATTR_CASE, PDO::CASE_LOWER);
    $database->setAttribute(PDO::ATTR_ORACLE_NULLS, true);
    $database->setAttribute(PDO::ATTR_PREFETCH, 1000);
}
catch(PDOException $e){
    echo $e->getMessage() . ' in ' . $e->getFile() . ' on line ' . $e->getLine() . "\n";
}
?>

Expected result:
----------------
Connection as sysdba to an oracle database.

Actual result:
--------------
SQLSTATE[HY000]: OCISessionBegin:: ORA-28009: connection as SYS should be as SYSDBA or SYSOPER (/root/install/php/php-5.1.1/ext/pdo_oci/oci_driver.c:514) in /usr/local/httpd/htdocs/ora_mgmt/pdo_connect.php on line 30

Patches

Pull Requests

History

AllCommentsChangesGit/SVN commitsRelated reports
 [2007-05-14 12:47 UTC] ludovico dot caldara at gmail dot com 
hi, since Zend Framework provides Zend_DB class based on PDO, it would be very cool to have privileged sessions implemented.

It should be quite simple adding a new variable to the DSN:
struct pdo_data_src_parser vars[] = {
		{ "charset",  NULL,	0 },
		{ "dbname",   "",	0 },
		{ "credentials",   "OCI_DEFAULT",	0 }
	};

and passing the correct parameter to OciSessionBegin() call...

kind regards
-- 
Ludovico Caldara
 [2007-06-28 16:37 UTC] christopher dot jones at oracle dot com 
Adding privileged connections opens a potential security hole.  If the webserver runs as an OS user with Oracle dba or oinstall privilges it could be possible a hacker to gain high level access to the database.

The oci8 extension added a php.ini parameter to allow privileged connections for users who want to take the risk.

PDO_OCI patches for something similar are welcome, as are a list of use cases where you would find the feature beneficial.
 [2013-06-12 02:05 UTC] ssufficool@php.net
-Status: Open +Status: Feedback -Package: PDO_OCI +Package: *General Issues
 [2013-06-12 02:05 UTC] ssufficool@php.net 
Not enough information was provided for us to be able
to handle this bug. Please re-read the instructions at
http://bugs.php.net/how-to-report.php

If you can provide more information, feel free to add it
to this bug and change the status back to "Open".

Thank you for your interest in PHP.


It looks like there may be a workaround at the server level. Will this work for 
you?

https://forums.oracle.com/thread/1135635
 [2013-10-15 11:54 UTC] php-bugs at lists dot php dot net 
No feedback was provided. The bug is being suspended because
we assume that you are no longer experiencing the problem.
If this is not the case and you are able to provide the
information that was requested earlier, please do so and
change the status of the bug back to "Re-Opened". Thank you.
 
PHP Copyright © 2001-2025 The PHP Group
All rights reserved. 		Last updated: Sat May 03 12:01:29 2025 UTC