Home -> Mailing Lists -> Oracle-L -> Sticky bit set on linux password file

Sticky bit set on linux password file

From: Jared Still <jkstill_at_gmail.com>
Date: Tue, 1 Jul 2008 11:51:42 -0700
Message-ID: <bf46380807011151u12be9400gc17c484d986fcf13@mail.gmail.com> 





While going through an annual sarbox task I noticed that on Linux (maybe
unix too)


the sticky bit is set on the password file.



[oracle_at_server before]$ l $OH/dbs/orapworcl
-rwSr-----  1 oracle oinstall 1536 Oct 30  2007
/u01/app/oracle/product/9.2.0/aglqa/dbs/orapworcl



The bit is shown as a capital S due to the execute bit not being set.



There's nothing in ML about it, at least I could not find anything.



The following test was performed:



shutdown database


chmod 640 orapworcl


startup database


logon to database remotely as sysdba



It doesn't appear that the SUID bit serves any purpose.



Does someone here know why the password file is  SUID?


-- 
Jared Still
Certifiable Oracle DBA and Part Time Perl Evangelist

--
http://www.freelists.org/webpage/oracle-l


Received on Tue Jul 01 2008 - 13:51:42 CDT












Original text of this message