Sharding Advisor is a client-side utility that connects to the non-distributed database using authenticated OCI connections.

• The Sharding Advisor requires the appropriate credentials (user name and password) to connect to the source non-distributed database. Sharding Advisor can be run as a different user than the user that owns the source database schema that the Sharding Advisor analyzes. This user must have SELECT privileges on the tables in the non-sharded schema.
• The user needs SELECT privileges on the GV$SQL_PLAN and GV$SQL_PLAN_STATISTICS_ALL views, and on the DBA_HIST_SQL_PLAN, DBA_HIST_SQLSTAT, and DBA_HIST_SNAPHSOT tables. The user does not need any other special privileges.
• Sharding Advisor is not vulnerable to privilege escalation and denial of service.
• Sharding Advisor does not store or expose any sensitive data such as passwords, database service names, or user names.
• Sharding Advisor does not expose sensitive details about the inner workings of the product.
• Sharding Advisor does not include any interfaces or APIs which are not externally documented.
• Sharding Advisor does not require any insecure protocols to be enabled.
• Sharding Advisor does not use any insecure modes of operation.
• Sharding Advisor does not store any data or other information in any files.
• All connections to the database are through authenticated OCI connections.
• There are no SETUID executables created.
• No new grants to PUBLIC are done.
• No new default schemas are created, but Sharding Advisor internal tables are created under the user that is used to run Sharding Advisor.