directly access OS? you mean read/write files? perhaps older dbas are forgetting utl_file did that as well? I don't think there is any problem. Like exp dump, expdp dump is also proprietary, you can't read much. if you are worries, encrypt the dump. Raj On Wed, Sep 1, 2010 at 3:03 PM, Bill Myers <bwmyers@xxxxxxxxx> wrote: > Hey all, > Are there any security concerns out there using Data Pump (server side) > over conventional exp/imp (client side)? I've started a new job and some > "older" DBAs refuse to allow the use of Data Pump since it allows a > privileged database user to directly access the O/S through an Oracle > directory object. Can't these concerns be addressed through the use of ACLs > and other means to secure the O/S target directory? > > Thanks in advance. > Bill > 9i OCA/10g OCP DBA -- ----- Best regards Raj