Oracle FAQ | Your Portal to the Oracle Knowledge Grid |
Home -> Community -> Usenet -> c.d.o.server -> javasyspriv - a security vulnerability?
I have a java stored proc created in a schema to execute OS commands on UNIX
(Database version 9.2). This schema has been granted JAVASYSPRIV.
If I create a file using this stored proc, the file gets ownership of unix id oracle. How can I prevent this to happen? Can I control my environment in such a way that this java stored proc creates file with a specified unix id and not oracle id?
On a side note, is this behavior not a security vulnerability?
thanks Received on Sat Oct 19 2002 - 15:20:42 CDT