Re: External tables. Security concerns.

bdbafh_at_gmail.com wrote:
> artmt_at_hotmail.com wrote:
> > I am considering using external tables for my ETL processes.
> > The DBAs are telling me that their policy is not allow any access to
> > the file system via the database - due to security concerns. This
> > means no external tables, no directory objects, no utl_file.
> > Are their concerns valid?
> > Is there a way to use these features securely?
> >
> > Thanks
> > Art
>
> Does their security policy allow for the following statements?
>
> create database ...
> create tablespace ...
> alter tablespace add datafile ...
> create logfile ...
> alter system set log_archive_dest= ...
>
> As these all affect the database server's filesystem via the database.

I don't think that's a fair comarison.
I doubt you would be comfortable with developers being free to execute the above statements in the applications.

> I can understand their position in wanting to limit access to the
> database server's filesystems, but a properly configured setup that
> allows for this functionality to be used may be more efficient than
> forcing such data to be sql loaded into staging tables, then
> manipulated (meaning ETL in the database). Perhaps the additional space
> and workload might outweigh the (overly broad) security concerns?
>
> -bdbafh

Yes, but in order to make such argument I need have better understanding of their concerns. Received on Fri Aug 18 2006 - 14:58:04 CDT