Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Usenet -> c.d.o.server -> Re: Why are people so afraid of underscore parameters ?

Re: Why are people so afraid of underscore parameters ?

From: Thomas Kyte <tkyte_at_oracle.com>
Date: 23 Aug 2002 11:57:01 -0700
Message-ID: <ak60ht02k5d@drn.newsguy.com> 





In article <b3cb12d6.0208231010.6dc7492e_at_posting.google.com>, yong321_at_yahoo.com
says...


>

>"Richard Foote" <richard.foote_at_bigpond.com> wrote in message

>news:<c6f99.12411$g9.40345_at_newsfeeds.bigpond.com>...

>> However, the are some situations when the modification of these parameters

>> is beneficial and in fact recommend. There was a thread here not too long

>> ago on the positive impact of changing the _spin_count parameter. Usually

>

>Why not take _trace_files_public as an example? That may be

>technically the most harmless underscore parameter. Some time ago,

>somebody here says there's no degree of unsupported-ness. But the

>truth is, if you set _trace_files_public to true, I can almost

>guarantee your database is still supported. But at the other extreme,

>if you set _corrupted_rollback_segments or _disable_logging to true

>without Oracle's approval, it's quite likely you will lose support.

>

>I also find that whether you stil get support depends on how much you

>know about Oracle database, and about the undocumented parameter

>you're using when you talk to the Support people.

>

>Yong Huang





I'll take it on!



Production database, _trace_files_public=true.  What does that imply.  Everyone
says "totally innoncent setting" right?



Hmmm -- might there just possibly be some security related issues with regards
to that?  Might there sometimes be information someone could glean from these
publically accessible trace files?



Your database is certainly supported in this particular, singular case --
however, you have opened up a totally different problem, an unintended side
effect -- that of a certifiable top notch security issue.



(in fact, I can show you a truly big problem with _trace_files_public, security
and another undocumented but seemingly innocent event that can be set at the
session level -- just need _trace_files_public to be set and ALTER SESSION privs
and I can get some pretty neat information)



I wouldn't run trace files public on a production box.



Me, I've been running Oracle databases for more then a couple of years.  I like
Richard Foots response to this, but -- would still hesitate to use an "_"
parameter in a production database *without* the encouragement and support of
support itself.  You *think* you know the meaning of an "_" parameter -- but
tell me, do you really?  do you think they change from release to release (hey,
if log_checkpoint_interval/timeout can undergo fundemental shifts in meaning as
they did from 8.0 to 8.1


http://asktom.oracle.com/pls/ask/f?p=4950:8:::::F4950_P8_DISPLAYID:344617462392



why not _trace_files_public? )




I'll be ULTRA conservative on this one forever.  Caveat Emptor, use at your own
risk....


--
Thomas Kyte (tkyte@oracle.com)             http://asktom.oracle.com/ 
Expert one on one Oracle, programming techniques and solutions for Oracle.
http://www.amazon.com/exec/obidos/ASIN/1861004826/  
Opinions are mine and do not necessarily reflect those of Oracle Corp 


Received on Fri Aug 23 2002 - 13:57:01 CDT












Original text of this message













  HOME |
  ASK QUESTION |
  ADD INFO |
  SEARCH |
  E-MAIL US