Unix: running oracle instances under different account names

From: Leo Baltus <lbaltus_at_my-deja.com>
Date: 6 Jul 2001 07:11:06 -0700
Message-ID: <d9e7179d.0107060611.3ef3777b_at_posting.google.com>

To enhance security on our AIX boxes we would like to run each oracle database instance as a separate user. So that (at least from a unix point of view) we can separate databases and dba activities from each other.

In a typical oracle set-up the user oracle is the owner of both the executables and the tablespaces. I would like to have oracle be the owner
of the executables and run each instance of a database as e.g. finance_db or salary_db or web_db.
My goal is to ensure that e.g. user web_db can not read *any* file associated with salary_db. Of course combining the two is not very logical from a functional point of view, this only serves to make my point.

Does anybody know if it can be done or is anyone aware of some documentation on this suject.
Obviously oracle would no longer be suid/sgid. How would you use tnslsnr? what facilities will no longer be available? Received on Fri Jul 06 2001 - 16:11:06 CEST

This message: [ Message body ]
Next message: Abhisek: "OCIError Handle"
Previous message: Phil: "Connecting to remote Oracle with 3rd party clients"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ]

Original text of this message