Re: World Writeable Oracle files

• From: Mladen Gogala <gogala@xxxxxxxxxxxxx>
• To: oracle-l@xxxxxxxxxxxxx
• Date: Fri, 23 Jul 2004 16:53:00 -0400

On 07/23/2004 04:26:50 PM, "Smith, Ron L." wrote:
> We are trying to elimination the world writeable file permissions on our
> Unix servers.
> Most of these files and directories are a result of the Oracle installs.
> Does anyone know if any of the Oracle files that are world writeable
> really require those permissions?


Definitely not. Nothing under $ORACLE_HOME should be more 
permissive then 755. The only  exception are symbolic links
which do not affect the protection of the underlying file.
Here is the picture from my  $ORACLE_HOME:
# find . -perm 777 -print
./bin/lbuilder
./jdk/man/ja
./lib/libclntsh.so
./lib/libocci.so
./lib/libodm10.so
./lib/stubs/ld-linux.so.2
./lib/stubs/libBrokenLocale.so
./lib/stubs/libBrokenLocale.so.1
./lib/stubs/libICE.so
./lib/stubs/libICE.so.6
./lib/stubs/libNoVersion.so.1
./lib/stubs/libPEX5.so
./lib/stubs/libPEX5.so.6
./lib/stubs/libSM.so
./lib/stubs/libSM.so.6
./lib/stubs/libX11.so
./lib/stubs/libX11.so.6
./lib/stubs/libXIE.so
./lib/stubs/libXIE.so.6
./lib/stubs/libXaw.so
./lib/stubs/libXaw.so.7
./lib/stubs/libXaw3d.so
./lib/stubs/libXaw3d.so.7
./lib/stubs/libXext.so
./lib/stubs/libXext.so.6
./lib/stubs/libXi.so
./lib/stubs/libXi.so.6
./lib/stubs/libXm.so
./lib/stubs/libXm.so.2
./lib/stubs/libXmu.so
./lib/stubs/libXmu.so.6
./lib/stubs/libXp.so
./lib/stubs/libXp.so.6
./lib/stubs/libXpm.so
./lib/stubs/libXpm.so.4
./lib/stubs/libXt.so
./lib/stubs/libXt.so.6
./lib/stubs/libXtst.so
./lib/stubs/libXtst.so.6
./lib/stubs/libaio.so
./lib/stubs/libaio.so.1
./lib/stubs/libc.so.6
./lib/stubs/libcrypt.so
./lib/stubs/libcrypt.so.1
./lib/stubs/libdl.so
./lib/stubs/libdl.so.2
./lib/stubs/libm.so
./lib/stubs/libm.so.6
./lib/stubs/libnsl.so
./lib/stubs/libnsl.so.1
./lib/stubs/libpthread.so
./lib/stubs/libpthread.so.0
./lib/stubs/libresolv.so
./lib/stubs/libresolv.so.2
./lib/stubs/librt.so.1
./lib/stubs/libstdc++-libc6.2-2.so.3
./lib/stubs/libstdc++.so
./lib/stubs/libutil.so
./lib/stubs/libutil.so.1
./precomp/public/BNDDSC.FOR
./precomp/public/ORACA.COB
./precomp/public/ORACA.FOR
./precomp/public/ORACA.H
./precomp/public/SELDSC.FOR
./precomp/public/SQLCA.COB
./precomp/public/SQLCA.FOR
./precomp/public/SQLCA.H
./precomp/public/SQLDA.H
./rdbms/filemap
#

And now, let's see what are those files:

# find . -perm 777 -exec file {} \;
./bin/lbuilder: symbolic link to /oracle/product/10g/nls/lbuilder/lbuilder
./jdk/man/ja: symbolic link to /oracle/product/10g/jdk/man/ja_JP.eucJP
./lib/libclntsh.so: symbolic link to /oracle/product/10g/lib/libclntsh.so.10.1
./lib/libocci.so: symbolic link to libocci.so.10.1
./lib/libodm10.so: symbolic link to libodmd10.so
./lib/stubs/ld-linux.so.2: symbolic link to ld-linux-2.2.4-stub.so
./lib/stubs/libBrokenLocale.so: symbolic link to libBrokenLocale.so.1
./lib/stubs/libBrokenLocale.so.1: symbolic link to 
libBrokenLocale-2.2.4-stub.so./lib/stubs/libICE.so: symbolic link to libICE.so.6
./lib/stubs/libICE.so.6: symbolic link to libICE-2.2.4-stub.so
./lib/stubs/libNoVersion.so.1: symbolic link to libNoVersion-2.2.4-stub.so
./lib/stubs/libPEX5.so: symbolic link to libPEX5.so.6
./lib/stubs/libPEX5.so.6: symbolic link to libPEX5-2.2.4-stub.so
./lib/stubs/libSM.so: symbolic link to libSM.so.6
./lib/stubs/libSM.so.6: symbolic link to libSM-2.2.4-stub.so
./lib/stubs/libX11.so: symbolic link to libX11.so.6
./lib/stubs/libX11.so.6: symbolic link to libX11-2.2.4-stub.so
./lib/stubs/libXIE.so: symbolic link to libXIE.so.6
./lib/stubs/libXIE.so.6: symbolic link to libXIE-2.2.4-stub.so
./lib/stubs/libXaw.so: symbolic link to libXaw.so.7
./lib/stubs/libXaw.so.7: symbolic link to libXaw-2.2.4-stub.so
./lib/stubs/libXaw3d.so: symbolic link to libXaw3d.so.7
./lib/stubs/libXaw3d.so.7: symbolic link to libXaw3d-2.2.4-stub.so
./lib/stubs/libXext.so: symbolic link to libXext.so.6
./lib/stubs/libXext.so.6: symbolic link to libXext-2.2.4-stub.so
./lib/stubs/libXi.so: symbolic link to libXi.so.6
./lib/stubs/libXi.so.6: symbolic link to libXi-2.2.4-stub.so
./lib/stubs/libXm.so: symbolic link to libXm.so.2
./lib/stubs/libXm.so.2: symbolic link to libXm-2.2.4-stub.so
./lib/stubs/libXmu.so: symbolic link to libXmu.so.6
./lib/stubs/libXmu.so.6: symbolic link to libXmu-2.2.4-stub.so
./lib/stubs/libXp.so: symbolic link to libXp.so.6
./lib/stubs/libXp.so.6: symbolic link to libXp-2.2.4-stub.so
./lib/stubs/libXpm.so: symbolic link to libXpm.so.4
./lib/stubs/libXpm.so.4: symbolic link to libXpm-2.2.4-stub.so
./lib/stubs/libXt.so: symbolic link to libXt.so.6
./lib/stubs/libXt.so.6: symbolic link to libXt-2.2.4-stub.so
./lib/stubs/libXtst.so: symbolic link to libXtst.so.6
./lib/stubs/libXtst.so.6: symbolic link to libXtst-2.2.4-stub.so
./lib/stubs/libaio.so: symbolic link to libaio.so.1
./lib/stubs/libaio.so.1: symbolic link to libaio-2.2.4-stub.so
./lib/stubs/libc.so.6: symbolic link to libc-2.2.4-stub.so
./lib/stubs/libcrypt.so: symbolic link to libcrypt.so.1
./lib/stubs/libcrypt.so.1: symbolic link to libcrypt-2.2.4-stub.so
./lib/stubs/libdl.so: symbolic link to libdl.so.2
./lib/stubs/libdl.so.2: symbolic link to libdl-2.2.4-stub.so
./lib/stubs/libm.so: symbolic link to libm.so.6
./lib/stubs/libm.so.6: symbolic link to libm-2.2.4-stub.so
./lib/stubs/libnsl.so: symbolic link to libnsl.so.1
./lib/stubs/libnsl.so.1: symbolic link to libnsl-2.2.4-stub.so
./lib/stubs/libpthread.so: symbolic link to libpthread.so.0
./lib/stubs/libpthread.so.0: symbolic link to libpthread-2.2.4-stub.so
./lib/stubs/libresolv.so: symbolic link to libresolv.so.2
./lib/stubs/libresolv.so.2: symbolic link to libresolv-2.2.4-stub.so
./lib/stubs/librt.so.1: symbolic link to librt-2.2.4-stub.so
./lib/stubs/libstdc++-libc6.2-2.so.3: symbolic link to libstdc++-2.2.4-stub.so
./lib/stubs/libstdc++.so: symbolic link to libstdc++-libc6.2-2.so.3
./lib/stubs/libutil.so: symbolic link to libutil.so.1
./lib/stubs/libutil.so.1: symbolic link to libutil-2.2.4-stub.so
./precomp/public/BNDDSC.FOR: symbolic link to bnddsc.for
./precomp/public/ORACA.COB: symbolic link to oraca.cob
./precomp/public/ORACA.FOR: symbolic link to oraca.for
./precomp/public/ORACA.H: symbolic link to oraca.h
./precomp/public/SELDSC.FOR: symbolic link to seldsc.for
./precomp/public/SQLCA.COB: symbolic link to sqlca.cob
./precomp/public/SQLCA.FOR: symbolic link to sqlca.for
./precomp/public/SQLCA.H: symbolic link to sqlca.h
./precomp/public/SQLDA.H: symbolic link to sqlda.h
./rdbms/filemap: symbolic link to /opt/ORCLfmap/prot1_32
#


As you see, each and every one of those files is a symbolic link.

-- 
Mladen Gogala
Oracle DBA
----------------------------------------------------------------
Please see the official ORACLE-L FAQ: http://www.orafaq.com
----------------------------------------------------------------
To unsubscribe send email to:  oracle-l-request@xxxxxxxxxxxxx
put 'unsubscribe' in the subject line.
--
Archives are at //www.freelists.org/archives/oracle-l/
FAQ is at //www.freelists.org/help/fom-serve/cache/1.html
-----------------------------------------------------------------

• References:
  • World Writeable Oracle files
    • From: Smith, Ron L.

Other related posts:

• » World Writeable Oracle files
• » RE: World Writeable Oracle files
• » Re: World Writeable Oracle files
• » Re: World Writeable Oracle files
• » Re: World Writeable Oracle files
• » RE: World Writeable Oracle files
• » RE: World Writeable Oracle files

1. Home
2. oracle-l
3. Archive
4. 07-2004

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---