Re: Delete UNIX files/tblsp owned by Oracle

From: <surya_at_usa.net>
Date: 1995/05/15
Message-ID: <3p8ogh$qmj_at_earth.usa.net>#1/1


> perrygrw_at_future.dreamscape.com (Perry McGrew) writes:
> gapinski_at_lerc.nasa.gov (Gary Gapinski) wrote:
>
> >Place the data files that you allow users to delete in a directory whose
> > [DELETED]
> >that file elsewhere.
>
> Thanks -- I realize there are *big* security issues, but these people
> [DELETED]
> the Oracle UNIX id and belonging to UNIX dba group, having some
> "sticky-bit" permissions would allow a user in the dba group to
> execute it and be able to delete Oracle owned file. Is this possible?

You may be able to write a Pro*C program that would be owned by a DBA id and that would connect to sql/sqldba and do the required. You may chmod u+s it so that the executing id will change to the appropriate DBA id when this program is executed.

Shell scripts cannot have the sticky bit set, so you will have to do this extra programming. You will need to take the name of the tablespace and prepare the appropriate SQL statement. Also, you could add additional security measures (validate tablespaces being dropped) and/or keep an audit trail (who dropped what) in this program if you need it.

You could create a similar program to create tablespaces. That way you can maintain a table of tablespace ownership. This could be used for validation when users drop the tablespaces.

I haven't tried this but I think something like this will serve your purpose.

Ganesh Puranik

Received on Mon May 15 1995 - 00:00:00 CEST
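The validation and audit steps suggested in the message above, sketched as an added example that is not part of the original post: plain C stands in for the Pro*C program, and the hard-coded `OWNERS` table, the names `valid_name` and `prepare_drop`, and the 30-character name limit are all assumptions made for illustration.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <unistd.h>

/* Constructed ownership table (assumption): stands in for the database table
   the post suggests the companion "create tablespace" program maintains. */
struct ts_owner { const char *tablespace; uid_t owner; };
static const struct ts_owner OWNERS[] = {
    { "SCRATCH_ALICE", 1001 },
    { "SCRATCH_BOB",   1002 },
};

/* Allow only a plain identifier: letter first, then letters, digits or '_',
   at most 30 characters (assumed limit). Blocks quoting and SQL metacharacters. */
static int valid_name(const char *s) {
    size_t n = strlen(s);
    if (n == 0 || n > 30 || !isalpha((unsigned char)s[0])) return 0;
    for (size_t i = 1; i < n; i++)
        if (!isalnum((unsigned char)s[i]) && s[i] != '_') return 0;
    return 1;
}

/* Returns 0 and fills sql; -1 = malformed name, -2 = caller is not the owner. */
int prepare_drop(const char *name, uid_t caller, char *sql, size_t sqlsz) {
    if (!valid_name(name)) return -1;
    for (size_t i = 0; i < sizeof OWNERS / sizeof OWNERS[0]; i++) {
        if (strcmp(OWNERS[i].tablespace, name) != 0 || OWNERS[i].owner != caller)
            continue;
        int n = snprintf(sql, sqlsz, "DROP TABLESPACE %s INCLUDING CONTENTS", name);
        return (n > 0 && (size_t)n < sqlsz) ? 0 : -1;
    }
    return -2;
}

int main(int argc, char **argv) {
    char sql[128];
    if (argc != 2) { fprintf(stderr, "usage: %s TABLESPACE\n", argv[0]); return 2; }
    uid_t caller = getuid();  /* real uid = invoking user, not the set-uid owner */
    int rc = prepare_drop(argv[1], caller, sql, sizeof sql);
    /* Audit trail: never echo a malformed name into the log. */
    fprintf(stderr, "audit: uid=%ld tablespace=%s result=%d\n",
            (long)caller, rc == -1 ? "(malformed)" : argv[1], rc);
    if (rc != 0) return 1;
    puts(sql);  /* a real wrapper would execute this via Pro*C, not print it */
    return 0;
}
```

The ownership check keys on `getuid()` because, in a set-uid program, the effective uid is the DBA id for every caller and so cannot distinguish who asked for the drop.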
