Re: Sticky bit set on linux password file

From: Kurt Franke <>
Date: Tue, 01 Jul 2008 21:11:58 +0200
Message-Id: <>

Hi Jared,

its just for Security.

On System where chown is allowed for everey user for security reasons the setuid-Bit is always deleted if a file is chowned. Thus if a set setuid-Bit is desired for the Password File by the Oracle Server and its use is refused otherwise no one but root can make a password file gift to the oracle unix user.



While going through an annual sarbox task I noticed that on Linux (
> maybe unix too)
> the sticky bit is set on the password file.
> [oracle_at_server before]$ l $OH/dbs/orapworcl
> -rwSr----- 1 oracle oinstall 1536 Oct 30 2007 /u01/app/oracle/product/
> 9.2.0/aglqa/dbs/orapworcl
> The bit is shown as a capital S due to the execute bit not being set.
> There's nothing in ML about it, at least I could not find anything.
> The following test was performed:
> shutdown database
> chmod 640 orapworcl
> startup database
> logon to database remotely as sysdba
> It doesn't appear that the SUID bit serves any purpose.
> Does someone here know why the password file is SUID?
> --
> Jared Still
> Certifiable Oracle DBA and Part Time Perl Evangelist

Received on Tue Jul 01 2008 - 14:11:58 CDT

Original text of this message