Re: Java Permissions Oracle 10 : updated

From: Stefan Knecht <knecht.stefan_at_gmail.com>
Date: Tue, 22 Aug 2006 12:50:07 +0200
Message-ID: <486b2b610608220350l3d9b642btd402098f1b87722a@mail.gmail.com>


Actually it's not that bad... JVM is very specific about what it allows - it implements a default policy of "deny everything unless specifically allowed".
If you grant execute (or write, for that matter) to specific application executables only, there's not much that can go wrong, as no shell is spawned, and therefore no shell processing (like "/my/good/bin && /my/bad/bin") can be done.

The one thing you never want to do is grant execute on a shell, though :-)

Stefan

On 8/22/06, Niall Litchfield <niall.litchfield_at_gmail.com> wrote:
>
> You might want to think rather carefully about the security implications
> of this particular function
>
> select function_run_os_command('rm -rf *') from dual;
>
> might be somewhat interesting....
>
> On 8/22/06, John Dunn <jdunn_at_sefas.com> wrote:
>
> >
> > > Can anyone please assist me with java permissions when running a java
> > > function in Oracle 10 on linux?
> > >
>
>
>
>
> --
> Niall Litchfield
> Oracle DBA
> http://www.orawin.info
>

--
http://www.freelists.org/webpage/oracle-l
Received on Tue Aug 22 2006 - 05:50:07 CDT
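
The narrow grant discussed in this thread, followed by an audit query for the broad grants it warns against. This is an added example, not part of the original messages. The grantee `APP_OWNER` and the path `/opt/app/bin/report_gen` are hypothetical, and the list of shell names is an assumption to adapt per host.

```sql
-- Added example: APP_OWNER and /opt/app/bin/report_gen are hypothetical names.

-- Narrow grant: execute on one specific application binary only.
BEGIN
  DBMS_JAVA.GRANT_PERMISSION(
    'APP_OWNER',                    -- grantee (hypothetical schema)
    'SYS:java.io.FilePermission',   -- permission type
    '/opt/app/bin/report_gen',      -- exact executable, no wildcard
    'execute');
END;
/

-- Audit: list enabled execute grants that are broader than a single
-- application binary, i.e. all files, directory wildcards, or a shell.
SELECT grantee, kind, name, action, enabled, seq
FROM   dba_java_policy
WHERE  type_name = 'java.io.FilePermission'
AND    kind      = 'GRANT'
AND    enabled   = 'ENABLED'
AND    LOWER(action) LIKE '%execute%'
AND   (    name = '<<ALL FILES>>'   -- every file on the host
        OR name LIKE '%/*'          -- all files in a directory
        OR name LIKE '%/-'          -- all files, recursively
        OR REGEXP_LIKE(name, '/(sh|bash|ksh|csh|tcsh|zsh|dash)$'))  -- assumed shell names
ORDER  BY grantee, name;

-- Remediation for a row the audit returns (placeholders to fill in from that row):
-- BEGIN
--   DBMS_JAVA.REVOKE_PERMISSION('<grantee>', 'SYS:java.io.FilePermission',
--                               '<name>', 'execute');
-- END;
-- /
```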
