| Oracle FAQ | Your Portal to the Oracle Knowledge Grid | |
 |
 | |||
| Oracle FAQ | Your Portal to the Oracle Knowledge Grid | |
|
| |||
Home -> Community -> Mailing Lists -> Oracle-L -> Re: Java Permissions Oracle 10 : updated
Yes I experienced the same thing - back in 9i, oracle has passed on some
environment settings to the process / script i.e. PATH - 10g no longer does
that. Hence, if you're calling a script you have to either give a fully
qualified path to any executable, or set up your own PATH - also note, if
you're accessing a database in that script, any kind of NLS_LANG or similar
you might have set are not there either.
Stefan
On 8/22/06, John Dunn <jdunn_at_sefas.com> wrote:
>
> Actually I have discovered that permissions were only part of the issue.
> The other problem is that when I run a script I have to make sure that I
> always specifiy the #! line at the top of each script e.g.#!/bin/ksh and
> also explicitly define the PATH in the scripts.
>
> I did not need to do this when I was running scripts via the external
> procedure listener.
>
>
>
>
>
> -----Original Message-----
> *From:* Stefan Knecht [mailto:knecht.stefan_at_gmail.com]
> *Sent:* 22 August 2006 11:50
> *To:* niall.litchfield_at_gmail.com
> *Cc:* jdunn_at_sefas.com; oracle-l
> *Subject:* Re: Java Permissions Oracle 10 : updated
>
> Actually it's not that bad... JVM is very specific about what it allows -
> it implements a default policy of "deny everything unless specifically
> allowed".
> If you grant execute (or write, for that matter) to specific application
> executables only, there's not much that can go wrong, as no shell is
> spawned, and therefore no shell processing (like "/my/good/bin &&
> /my/bad/bin") can be done.
>
> the one thing you never want to do is grant execute on a shell, though :-)
>
> Stefan
>
>
>
> On 8/22/06, Niall Litchfield < niall.litchfield_at_gmail.com> wrote:
> >
> > You might want to think rather carefully about the security implications
> > of this particular function
> >
> > select function_run_os_command('rm -rf *') from dual;
> >
> > might be somewhat interesting....
> >
> > On 8/22/06, John Dunn <jdunn_at_sefas.com> wrote:
> >
> > >
> > > > Can anyone please assist me with java permissions when running a
> > > java
> > > > function in Oracle 10 on linux?
> > > >
> >
> >
> >
> >
> > --
> > Niall Litchfield
> > Oracle DBA
> > http://www.orawin.info
> >
>
>
-- http://www.freelists.org/webpage/oracle-lReceived on Tue Aug 22 2006 - 06:12:59 CDT
 |
 |