
Re: UTL_FILE revoke from PUBLIC

From: DA Morgan <damorgan_at_x.washington.edu>
Date: Sat, 23 Apr 2005 15:01:21 -0700
Message-ID: <1114293444.399413@yasure>


Charles J. Fisher wrote:

> I was recently asked to revoke UTL_FILE from PUBLIC by a colleague in IT
> security, following recommendations from NGSS (and their automated
> "squirrel" scanner).
>
> Supposedly, Oracle recommends revoking this privilege:
>
> http://oraclelon1.oracle.com/docs/cd/A91202_01/901_doc/server.901/a90117/secure.htm#8738
>
> However, I've noticed that several sys-owned objects in the data
> dictionary go invalid (and stubbornly remain so until utlrp.sql is
> executed). One of my Oracle 7 instances went into a tailspin with a
> circular dependency between DBMS_UTILITY and DBMS_DDL, and I was forced to
> run CATALOG and CATPROC.
>
> What is everyone's experience with revoking UTL_FILE?
>
> Also, how serious is utlrp's suggestion to run in startup restrict?

My suggestions in no particular order.

1. Never grant anything to public without very careful review
2. Never grant UTL_FILE to public no matter the review
3. Never had a problem running UTLRP.SQL no matter the conditions
   though not on a production system with current users. That would
   be sheer madness.
4. Don't do a new install with anything less than 9.2.0.4: Preferably
   10.1.0.4.

-- 
Daniel A. Morgan
University of Washington
damorgan_at_x.washington.edu
(replace 'x' with 'u' to respond)
Received on Sat Apr 23 2005 - 17:01:21 CDT
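
Added example, not part of the original thread: one way to audit before revoking EXECUTE on UTL_FILE from PUBLIC, so that schemas relying on the PUBLIC grant get a direct grant first and the objects invalidated by the revoke are listed before utlrp.sql is run. It assumes a DBA session in SQL*Plus on a test instance; `APP_OWNER` is a hypothetical schema name.

```sql
-- Added example. Run as a DBA on a test instance first.

-- 1. Who currently holds EXECUTE on SYS.UTL_FILE?
SELECT grantee, privilege, grantable
FROM   dba_tab_privs
WHERE  owner = 'SYS'
AND    table_name = 'UTL_FILE';

-- 2. Schemas whose stored code references UTL_FILE (directly or through
--    the public synonym) but that have no direct EXECUTE grant. These
--    depend on the PUBLIC grant and will fail to recompile after the revoke.
SELECT DISTINCT d.owner
FROM   dba_dependencies d
WHERE  d.referenced_name = 'UTL_FILE'
AND    d.referenced_owner IN ('SYS', 'PUBLIC')
AND    d.owner NOT IN ('SYS', 'PUBLIC')
AND    NOT EXISTS (SELECT 1
                   FROM   dba_tab_privs p
                   WHERE  p.owner      = 'SYS'
                   AND    p.table_name = 'UTL_FILE'
                   AND    p.privilege  = 'EXECUTE'
                   AND    p.grantee    = d.owner)
ORDER  BY d.owner;

-- 3. Grant directly to each schema from step 2 that genuinely needs
--    file I/O (APP_OWNER is a hypothetical schema name).
GRANT EXECUTE ON sys.utl_file TO app_owner;

-- 4. Remove the PUBLIC grant.
REVOKE EXECUTE ON sys.utl_file FROM PUBLIC;

-- 5. See what the revoke invalidated, SYS-owned objects included.
SELECT owner, object_type, object_name
FROM   dba_objects
WHERE  status = 'INVALID'
ORDER  BY owner, object_type, object_name;

-- 6. Recompile, with no application users connected
--    ("?" expands to ORACLE_HOME in SQL*Plus), then repeat step 5.
@?/rdbms/admin/utlrp.sql
```

Anything still listed as INVALID after step 6 is code that lost access to UTL_FILE and needs either a direct grant or removal.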
