Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Mailing Lists -> Oracle-L -> Re: Samba on a database server

Re: Samba on a database server

From: Niall Litchfield <niall.litchfield_at_gmail.com>
Date: Tue, 25 Jul 2006 16:42:51 +0100
Message-ID: <7765c8970607250842j441a7053rb29b78e1ae9be2a4@mail.gmail.com>


We have recently implemented this, actually our requirement was to write * out* a file from the db using UTL_FILE but my take on it was.

  1. you can control who accesses the data at the UNIX level via an ACL on the share.
  2. you can control who has access to the data at the Unix level
  3. you can control who has access to the data at the Oracle level.
  4. you might well be able to control access to the data at the application level. (we could)

In other words I wasn't that concerned :). Now this sort of arrangement does rather require that everyone thinks about the security requirements, that the windows and unix sysadmins trust each other (and the dbas and developers as well for that matter). If you'd chosen application express the application users could probably have loaded the files directly from the client PCs by the way.

cheers

Niall

On 7/25/06, Connor McDonald <mcdonald.connor_at_gmail.com> wrote:
>
> Our app guys have built a small database app, which amongst other
> things, loads image files from a file system into the database - the
> intention being that these are files that users can drag/drop from
> their PC into this file system.
>
> They've assumed that the files will be local to the database server,
> so I'm considering samba to expose a small f/s on the db server.
>
> Our unix admin is resisting - quoting samba is a security risk, and
> that it opens our database server up to all sort of attack.
>
> I don't really care whether we use samba or something else or whatever
> - but I've been asked to give an informed opinion, so I figured it
> would be to defer to anyone (on the list that is informed ... 'cos i'm
> not.
>
> Are the risks legitimate ?
>
> Cheers
> Connor
>
> --
> Connor McDonald
> ===========================
> email: connor_mcdonald_at_yahoo.com
> web: http://www.oracledba.co.uk
>
> "Semper in excremento, sole profundum qui variat"
> --
> http://www.freelists.org/webpage/oracle-l
>
>
>

-- 
Niall Litchfield
Oracle DBA
http://www.orawin.info

--
http://www.freelists.org/webpage/oracle-l
Received on Tue Jul 25 2006 - 10:42:51 CDT

Original text of this message

HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US