Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Usenet -> c.d.o.server -> Project lockdown - opinion solicitation

Project lockdown - opinion solicitation

From: EdStevens <quetico_man_at_yahoo.com>
Date: Fri, 24 Aug 2007 10:31:14 -0700
Message-ID: <1187976674.337926.228510@r23g2000prd.googlegroups.com> 





On advice last week, I have downloaded the "Project Lockdown" document
and begun reviewing it.  I get a very uneasy feeling about his
suggestion to remove the SUID bit from the Oracle executables.
Searching through this ng I find a lot of issues stemming from not
leaving the file permissions just as they are created when following
installation instructions to the letter.



It seems to me this could cause a lot of nagging problems.  It also
seems that if your ORACLE_HOME is on a box where issuance of os user
accounts is limited to DBAs and SAs the ability to exploit the SUID
would be extremely limited.



Am I missing something?
Received on Fri Aug 24 2007 - 12:31:14 CDT












Original text of this message













  HOME |
  ASK QUESTION |
  ADD INFO |
  SEARCH |
  E-MAIL US