Re: Compliance Library

From: Andy Klock <andy_at_oracledepot.com>
Date: Wed, 5 Feb 2014 13:49:39 -0500
Message-ID: <CADo_RaM2fpQmbYBcF5Hr4L=6b8GJVib3w+nUGezTzMazVgaqQw_at_mail.gmail.com>

Unless I'm misunderstanding your requirements, this may be what you are looking for:

2.3.5 $ORACLE_HOME/network/admin Directory Owner

Description: Ensures $ORACLE_HOME/network/admin ownership is restricted to the Oracle software set and DBA group

Severity: Warning

Rationale: Not restricting ownership of network/admin to the Oracle software set and DBA group may cause security issues by exposing net configuration data to malicious users.
(single instance)

http://docs.oracle.com/cd/E24628_01/doc.121/e36074/single_instance_db.htm#BGBHJDGG

(cluster)

http://docs.oracle.com/cd/E24628_01/doc.121/e36074/rac_db.htm#BGBBHBJJ

On Wed, Feb 5, 2014 at 4:36 AM, Nagaraj S <nagaraj.chk_at_gmail.com> wrote:

> Thank You Bobby! The presentation really helped.
>
> BTW- I need to create new compliance standard where it need to check the
> file permission and ownership of $ORACLE_HOME/network/admin/listener.ora on
> all database servers, So with this requirement please advise if I need to
> query the repository database or write any script to check permission on
> all servers?. If at all we need to query from repository db please share
> the query to be used.
>
> -Naga
>
>
>

--
http://www.freelists.org/webpage/oracle-l

Received on Wed Feb 05 2014 - 19:49:39 CET

This message: [ Message body ]
Next message: McPeak, Matt: "Semi-deterministic?"
Previous message: Saad Khan: "Re: Trace file getting huge"
In reply to: Nagaraj S: "Re: Compliance Library"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ]

Original text of this message