Re: Delete UNIX files/tblsp owned by Oracle
Date: 1995/05/12
Message-ID: <3ovkub$a7n_at_news1.databank.com>#1/1
gapinski_at_lerc.nasa.gov (Gary Gapinski) wrote:
>Place the data files that you allow users to delete in a directory whose
>owner is the oracle account and whose group includes those users allowed
>to create and delete files. chmod g+rwx the directory. The files will be
>owned by the oracle account but will be deletable by members of the group.
>Note that they are not coerced into dropping the tablespace before they
>can delete associated data files. Use as many such directories as there
>are distinct groups.
>BTW, if you're allowing users to drop tablespaces, perhaps they will be
>astute enough to manipulate the initSID.ora file, but, if not, place
>that file elsewhere.
Thanks -- I realize there are *big* security issues, but these people
are contractors developing DSS application. The problem is that I
need to execise some "change control".... I want them to be able to
delete the files but not change "system settings" etc. Unfortunately
I cannot move these files since we have them spread across many
devices. I was trying to see if some script executing rm $1, owned by
the Oracle UNIX id and belonging to UNIX dba group, having some
"sticky-bit" permissions would allow a user in the dba group to
execute it and be able to delete Oracle owned file. Is this possible?
Thanks in advance.
Regards,
Perry A. McGrew (perrygrw_at_future.dreamscape.com)
Received on Fri May 12 1995 - 00:00:00 CEST