RE: Question Re CIS Guidelines

There could be external caching unless you specifically disable it
including operating system cache and SAN cache.
 

  _____  

From: oracle-l-bounce@xxxxxxxxxxxxx
[mailto:oracle-l-bounce@xxxxxxxxxxxxx] On Behalf Of Jason Heinrich
Sent: Wednesday, October 24, 2007 1:33 PM
To: oracle-l
Subject: Question Re CIS Guidelines


I'm working on implementing the CIS guidelines for Oracle 10g in a
database, and I'm a bit confused over one of them:

6.02 Cache -- Cache must be emptied at shut down of Oracle.
"Information in caches may be accessed outside of Oracle and beyond the
control of the security parameters." 

First of all, they don't mention which caches need to be emptied at
shutdown -- I'm assuming the buffer cache and the shared pool.  Second,
how could information in the cache be accessed after the instance is
shut down?  Does the data still exist in memory until overwritten?  If
so, then I guess someone with the right utility could read those memory
addresses and the OS wouldn't prevent them because the addresses no
longer belonged to a process? 

-- 
Jason Heinrich
Oracle Developer/DBA 

Other related posts: