| Oracle FAQ | Your Portal to the Oracle Knowledge Grid | |
 |
 | |||
| Oracle FAQ | Your Portal to the Oracle Knowledge Grid | |
|
| |||
Home -> Community -> Usenet -> c.d.o.misc -> Re: UTL_FILE permission
Frank,
Yes * will be a lose security, But do any one goes to Production in
your environemnt and write what ever they wish. Application code is
audited before
being put in Produciton in my envirnonment and If you break it you pay
for it.
Secondly, in the same email I had given the option for creating a directory, Make that directory available to a group so it is saved or public depends on the need and the fellow rased the problem did not mention or request it, Remember the rule, NEVER ASSUME. I remember and follow it every day.
Third put the output it in a secure diretory and with an script runing timely copy in to the users directory, Make the file naming convention such that you can identifiy files created by a users.
Frank, When people ask for solution give the solution that they can work with, Yes, not bad to give the warning or security, that's why people look for strong DBA i.e. they have solutions and security in control.
On my site never a system files are blown up, DBA who get scare do not have solution they are fear monster on the site/s. In my environment security is concern and taken care of but do not stop developers to stop developing and have 500 miles loop for solution.
Good Luck.
Nisar tareen
"Dave" <x_at_x.com> wrote in message news:<66did.24950$Bk6.7622_at_fe2.news.blueyonder.co.uk>...
> "Nisar Tareen" <ntareen_at_yahoo.com> wrote in message
> news:6134f1ca.0411031225.73f68e2_at_posting.google.com...
> > Frank,
> >
> > On the Oracle Parameter UTL_FILE give * as parameter.
> >
> > Then Ask your administrator to create a public libary where every one
> > else could create the files or access from this directory chmod 777
> > Oracle_temp. Let it be out side the Oracle example /Oralce_temp
> >
> > Then in update utl_file = /Oracle_temp it you are the only creater
> > of these output from oracle else leave this parameter as * and give
> > the path in before your output file and your user will be able to use
> > the file.
> >
> > Good Luck.
> >
> > Nisar Tareen
> >
> >
> >
> >
> > Frank Piron <empty_at_zero.nil> wrote in message
> > news:<opsgvoptn6m0et4w_at_news.online.de>...
> >> 2 Nov 2004 23:20:32 -0800 KelisaLee <jiayng_at_yahoo.com> wrote:
> >>
> >> > I've tried to use utl_file.fopen function to write a file to server.
> >> > When i check on attributes of the file, the file is generated by
> >> > oracle user with the priviledge -rw------. However, I need the file to
> >> > be accessed by group and others. Is there a way to chmod upon
> >> > generating the file? Any setting can be done on the server side?
> >>
> >> check command "umask"
>
> utter rubbish. umask was the correct answer set oracle's umask to be 022
>
> utl_file_dir = * very secure huh! you watch me remove your system datafile
> with that set, if using 9i you dont even need to set that parameter!
>
> doesnt matter what the permissions of the directory are, if I cant read the
> file I cant read the file
Received on Thu Nov 04 2004 - 08:17:52 CST
 |
 |