| Oracle FAQ | Your Portal to the Oracle Knowledge Grid | |
 |
 | |||
| Oracle FAQ | Your Portal to the Oracle Knowledge Grid | |
|
| |||
Home -> Community -> Mailing Lists -> Oracle-L -> RE: Litchfield on October patch
Jay,
Here is our latest "standard" for creating 10.2 databases. We are still in evaluation mode (we run 3rd party applications here and getting everything certified is a beast). David's reply was hilarious! RTFM indeed! LOL!
Tom
set echo on
spool createROEM1.log
CREATE DATABASE "ROEM"
user sys identified by xxxxxxx
user system identified by xxxxxxxxx
CONTROLFILE REUSE
LOGFILE
Group 1 ('/ora1/u0010/ROEM/log/redo01a.log',
'/ora1/u0011/ROEM/log/redo01b.log') size 100M reuse,
Group 2 ('/ora1/u0012/ROEM/log/redo02a.log',
'/ora1/u0013/ROEM/log/redo02b.log') size 100M reuse,
Group 3 ('/ora1/u0010/ROEM/log/redo03a.log',
'/ora1/u0011/ROEM/log/redo03b.log') size 100M reuse,
Group 4 ('/ora1/u0012/ROEM/log/redo04a.log',
'/ora1/u0013/ROEM/log/redo04b.log') size 100M reuse
maxinstances 1
SIZE 200M REUSE
AUTOEXTEND ON
NEXT 100M
MAXSIZE 1G
SIZE 200M REUSE
AUTOEXTEND ON
NEXT 100M
MAXSIZE 1G
SIZE 100M REUSE
AUTOEXTEND ON
NEXT 50M
MAXSIZE 1G
SIZE 100M REUSE
AUTOEXTEND ON
NEXT 50M
MAXSIZE 500M
SIZE 100M REUSE
EXTENT MANAGEMENT LOCAL
UNIFORM SIZE 1M
SEGMENT SPACE MANAGEMENT AUTO
@ ?/rdbms/admin/catalog.sql @ ?/rdbms/admin/catproc.sql @ ?/javavm/install/initjvm.sql @ ?/rdbms/admin/initxml.sql @ ?/rdbms/admin/catjava.sql
-----Original Message-----
From: oracle-l-bounce_at_freelists.org
[mailto:oracle-l-bounce_at_freelists.org] On Behalf Of
JayMiller_at_TDWaterhouse.com
Sent: Friday, October 28, 2005 5:25 PM
To: oracle-l_at_freelists.org
Subject: RE: Litchfield on October patch
Unfortunately as of 10.2 Oracle does not provide syntax for database creation (most of it is the same but I always worry about new features). All I found on Metalink were the instructions that if you *really* don't want to use DBCA then use DBCA to generate the scripts and run them yourself.
I did so and did a fair amount of modifying but I'm still a bit p***ed
off
about it.
Jay Miller
-----Original Message-----
From: oracle-l-bounce_at_freelists.org
[mailto:oracle-l-bounce_at_freelists.org]
Sent: Thursday, October 20, 2005 10:54 AM
To: Rich.Jesse_at_quadtechworld.com; bdbafh_at_gmail.com; stellr_at_cns.vt.edu
Cc: oracle-l
Subject: RE: Litchfield on October patch
Exactly. DBCA is a beast that should be put to sleep. It cruds the database up with stuff that you don't need, and that Oracle wants to charge you for. We never use it.
-----Original Message-----
From: oracle-l-bounce_at_freelists.org
[mailto:oracle-l-bounce_at_freelists.org] On Behalf Of Jesse, Rich
Sent: Thursday, October 20, 2005 10:49 AM
To: bdbafh_at_gmail.com; stellr_at_cns.vt.edu
Cc: oracle-l
Subject: RE: Litchfield on October patch
Better yet, just don't use the dbca.
Rich
"E-vil. Like the fru-its of the dev-il, E-vil."
-----Original Message-----
From: oracle-l-bounce_at_freelists.org
[mailto:oracle-l-bounce_at_freelists.org] On Behalf Of Paul Drake
Sent: Wednesday, October 19, 2005 6:09 PM
To: stellr_at_cns.vt.edu
Cc: oracle-l
Subject: Re: Litchfield on October patch
On 10/19/05, Ray Stell <stellr_at_cns.vt.edu> wrote:
> from bugtraq:
>
> Having downloaded and given the Oracle October patch a cursory
examination,
> some of the flaws Oracle told me were being fixed, remain exploitable.
Once
> again the patch is not sufficient. I will conduct a full investigation
of
> the patch over the coming few days and post some recommendations once
> complete. Incidently, it's good to see that the NGS Disclosure policy
of not
> publicly releasing details of the flaws "fixed" seems to work as a
useful
> fail safe mechanism.
>
This one will knock out vulnerabilities DB [17-25]: Steps for Manual De-installation of Oracle Spatial http://metalink.oracle.com/metalink/plsql/ml2_documents.showDocument?p_d atabase_id=NOT&p_id=179472.1
Basically, the schema mdsys is created by default in a dbca db, even if the spatial option is not being installed. In theory, the following:
SQL> drop user spatial cascade;
should do the trick.
The referenced doc was for 9i and not apparently updated for 10g.
As always, test on a destructo box first.
Paul
-- http://www.freelists.org/webpage/oracle-l -- http://www.freelists.org/webpage/oracle-l -- http://www.freelists.org/webpage/oracle-l ----------------------------------------- This message is confidential and sent by TD Waterhouse solely for use by the intended recipient. If you are not the intended recipient, you are hereby notified that any use, distribution or copying of this communication is strictly prohibited. This should not be deemed as an offer or solicitation, to buy or sell any product. Any 3rd party information contained herein was prepared by sources deemed reliable, but is not guaranteed. TD Waterhouse does not accept electronic instructions that would require an original signature. Information received by or sent from TD Waterhouse is stored, subject to review, and may be produced to regulatory authorities or others with a legal right to such. -- http://www.freelists.org/webpage/oracle-l -- http://www.freelists.org/webpage/oracle-lReceived on Mon Oct 31 2005 - 06:38:21 CST
 |
 |