As some of you know, I'm fast becoming an ApEx convert and I've started to use it to knock together quick and dirty applications which make my daily work life as a consultant easier. Rather than installing a full Oracle DB instance on my laptop I've opted to install Oracle XE which comes with ApEx 2.1 and is basically a stripped down version of Oracle 10g Database. It suits my purposes and is not as resource hungry as the complete Oracle Instance.
However XE is not without its problems. I knew there would be potential security risks and other considerations when developing in XE rather than a later version of ApEx and a fully patched 10g.
I recently discovered a fantastic security article
written by red-database-security
. The article
highlights the flaws with XE and how to overcome them and is well worth a read if your using XE for production systems.