On 5/23/06, Ray Stell <stellr@xxxxxxxxxx> wrote:
On Tue, May 23, 2006 at 08:38:15AM -0700, GovindanK wrote: > I could not lay hands on Metalink doc due to response. This is due to enhanced > security in 10gR2.
Preventing access to the software is one approach to security, but it is rather like unplugging the ethernet to provide network security.
I did find a doc for the MS platform that hints at they philosophy:
http://download-east.oracle.com/docs/cd/B19306_01/win.102/b14305/config.htm#ABC1019374SRI1 4.3.1 File Permissions "Beginning with Oracle9i release 2 (9.2), Oracle Universal Installer, Database Configuration Assistant, and Database Upgrade Assistant set file permissions when Oracle Database software is installed or upgraded."
I'm pretty sure that was platform specific. I'm almost certain that it used to be the case on windows that anyone - including guest and anonymous accounts - could execute the binaries on the Oracle server. Certainly 9.2broke a lot of windows based web apps around the world when the IIS anonymous accounts could no longer access the Oracle client.
-- Niall Litchfield Oracle DBA http://www.orawin.info
