RE: Fw: OT - Getting fired for database oops

  • From: "Tanel Poder" <tanel@xxxxxxxxxx>
  • To: "'Andre van Winssen'" <dreveewee@xxxxxxxxx>
  • Date: Wed, 27 May 2009 20:15:23 +0300

Hi Andre,
 
So there's an assumption that the Oracle database or listener can write into
files in the Oracle home.
 
When you can write to any file in the Oracle home remotely, then all bets are
off; making glogin.sql owned by root is not going to make the system
fundamentally any more secure.
 
It would protect only against that guy who knows no other way to "hack in"
than tampering with glogin.sql, but obviously there are many other ways to break
in when you can modify files (scripts, binaries, libraries) in the Oracle home.
 
--
Regards,
Tanel Poder
http://blog.tanelpoder.com/
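Tanel's point above is that root-owning one file does not help when anything else in the Oracle home can be written to. What a defender would want instead is a baseline of owner, mode and content hash for a set of files in the tree, re-checked on a schedule so drift anywhere is noticed. The script below is an added example, not code from this thread; it assumes a POSIX `find` with `-user`/`-perm`, either `sha256sum` or `shasum`, and baseline paths without whitespace, and the sample glogin.sql and baseline it builds are constructed for the demo.

```shell
#!/bin/sh
# Added example (not from the thread): re-check a baseline of owner, exact
# mode and SHA-256 for files under an Oracle home, so drift anywhere in the
# tree is noticed, not just in glogin.sql. Assumes POSIX find (-user/-perm)
# and either sha256sum or shasum; baseline paths contain no whitespace.

file_sha256() {
    # Print only the hex digest, with whichever tool is installed.
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | cut -d' ' -f1
    else
        shasum -a 256 "$1" | cut -d' ' -f1
    fi
}

# check_file <path> <owner> <mode> <sha256>: prints a verdict, returns 1 on drift.
check_file() {
    f=$1; owner=$2; mode=$3; want=$4
    [ -f "$f" ] || { echo "MISSING $f"; return 1; }
    # find prints the path only when owner and permission bits match exactly
    if [ -z "$(find "$f" -prune -user "$owner" -perm "$mode" 2>/dev/null)" ]; then
        echo "OWNER/MODE $f"; return 1
    fi
    got=$(file_sha256 "$f")
    [ "$got" = "$want" ] || { echo "CONTENT $f"; return 1; }
    echo "OK $f"
}

# check_baseline <baseline-file>: one "<path> <owner> <mode> <sha256>" entry
# per line; sets BASELINE_FAILS to the number of drifted files, returns 1 if any.
check_baseline() {
    BASELINE_FAILS=0
    while read -r f owner mode sum; do
        [ -n "$f" ] || continue
        check_file "$f" "$owner" "$mode" "$sum" || BASELINE_FAILS=$((BASELINE_FAILS + 1))
    done < "$1"
    [ "$BASELINE_FAILS" -eq 0 ]
}

# Constructed demo: baseline a sample glogin.sql under a temporary "home".
demo_home=$(mktemp -d)
printf 'set sqlprompt "_user> "\n' > "$demo_home/glogin.sql"
chmod 644 "$demo_home/glogin.sql"
printf '%s %s 644 %s\n' "$demo_home/glogin.sql" "$(id -un)" \
    "$(file_sha256 "$demo_home/glogin.sql")" > "$demo_home/baseline"
check_baseline "$demo_home/baseline"
```

In practice the baseline would be generated once from a known-good Oracle home (binaries, libraries and scripts included), stored where the oracle account cannot write, and the check run from a separate account or host.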


From: Andre van Winssen [mailto:dreveewee@xxxxxxxxx] 
Sent: 27 May 2009 16:56
To: tanel@xxxxxxxxxx
Cc: dbvision@xxxxxxxxxxxx; oracle-l@xxxxxxxxxxxxx
Subject: Re: Fw: OT - Getting fired for database oops


Hi Tanel,
 
The root ownership of ?/sqlplus/admin/glogin.sql prevents the oracle
database (& listener) process from writing into glogin.sql. What I want to
achieve is that no one can remotely tamper with glogin.sql through database
calls or listener manipulation. A DBA logged on to the box can do
the things you mention for sure.
 
 
Regards,
Andre


2009/5/27 Tanel Poder <tanel@xxxxxxxxxx>


Well the root ownership doesn't prevent you from renaming the original
sqlplus/admin directory to something else and cloning that directory back
using cp -rp, which would lose the root ownership bit.

If you set the whole tree as owned by root, then you can just clone your
whole directory to /tmp and run from there.

Also there are other tricks like using LD_PRELOAD env variable to redirect
some file opens to your custom files without the application knowing about
it.

So setting the root ownership wouldn't be a secure solution; it would be
"security by obscurity" at most.


--
Regards,
Tanel Poder
http://blog.tanelpoder.com/


> > my favourite would be a preventive control, one which simply does not
> > allow the oracle user to change glogin.sql just like that. A drastic but
> > effective implementation is to chown root glogin.sql and make it read
> > only by the oracle user (and the world). This would be acceptable because
> > you do not update this file often, only sqlplus reads it every time
>
>
> Good idea, and applicable to a lot of others as well.
> Thanks!
>
> --
> Cheers
> Nuno Souto
> in rainy Sydney, Australia
> dbvision@xxxxxxxxxxxx
> --
> //www.freelists.org/webpage/oracle-l
>
>

--
//www.freelists.org/webpage/oracle-l