Listener and extproc security
Date: Thu, 3 Jan 2008 10:02:20 -0600
I'm looking for clarification on securing extproc, specifically in regards to accessing it over TCP in 10.2.0.3. My understanding is that a separate listener is recommended for extproc which only listens to IPC calls. Otherwise, if the database listener was used, extproc and any allowed libraries on the server could be accessed remotely via TCP.
Most of what I've read on this is from a 9i security bulletin, but I haven't seen anything so far that says the situation has changed in 10g. Is my understanding of the situation correct, and is this still the recommended configuration? I want to make sure I have my facts strait before I recommend this to my coworkers.
http://www.freelists.org/webpage/oracle-l Received on Thu Jan 03 2008 - 10:02:20 CST