Unfortunately as of 10.2 Oracle does not provide syntax for database creation (most of it is the same but I always worry about new features). All I found on Metalink were the instructions that if you *really* don't want to use DBCA then use DBCA to generate the scripts and run them yourself. I did so and did a fair amount of modifying but I'm still a bit p***ed off about it. Jay Miller -----Original Message----- From: oracle-l-bounce@xxxxxxxxxxxxx [mailto:oracle-l-bounce@xxxxxxxxxxxxx] Sent: Thursday, October 20, 2005 10:54 AM To: Rich.Jesse@xxxxxxxxxxxxxxxxx; bdbafh@xxxxxxxxx; stellr@xxxxxxxxxx Cc: oracle-l Subject: RE: Litchfield on October patch Exactly. DBCA is a beast that should be put to sleep. It cruds the database up with stuff that you don't need, and that Oracle wants to charge you for. We never use it. -----Original Message----- From: oracle-l-bounce@xxxxxxxxxxxxx [mailto:oracle-l-bounce@xxxxxxxxxxxxx] On Behalf Of Jesse, Rich Sent: Thursday, October 20, 2005 10:49 AM To: bdbafh@xxxxxxxxx; stellr@xxxxxxxxxx Cc: oracle-l Subject: RE: Litchfield on October patch Better yet, just don't use the dbca. Rich "E-vil. Like the fru-its of the dev-il, E-vil." -- Charley Mackenzie, So I Married An Axe Murderer -----Original Message----- From: oracle-l-bounce@xxxxxxxxxxxxx [mailto:oracle-l-bounce@xxxxxxxxxxxxx] On Behalf Of Paul Drake Sent: Wednesday, October 19, 2005 6:09 PM To: stellr@xxxxxxxxxx Cc: oracle-l Subject: Re: Litchfield on October patch On 10/19/05, Ray Stell <stellr@xxxxxxxxxx> wrote: > from bugtraq: > > Having downloaded and given the Oracle October patch a cursory examination, > some of the flaws Oracle told me were being fixed, remain exploitable. Once > again the patch is not sufficient. I will conduct a full investigation of > the patch over the coming few days and post some recommendations once > complete. Incidently, it's good to see that the NGS Disclosure policy of not > publicly releasing details of the flaws "fixed" seems to work as a useful > fail safe mechanism. > > More to follow... > Cheers, > David Litchfield > NGSSoftware Ltd > http://www.ngssoftware.com/ > ====================================================================== > Ray Stell stellr@xxxxxx (540) 231-4109 Tempus fugit 28^D > -- > //www.freelists.org/webpage/oracle-l This one will knock out vulnerabilities DB [17-25]: Steps for Manual De-installation of Oracle Spatial http://metalink.oracle.com/metalink/plsql/ml2_documents.showDocument?p_d atabase_id=NOT&p_id=179472.1 Basically, the schema mdsys is created by default in a dbca db, even if the spatial option is not being installed. In theory, the following: SQL> drop user spatial cascade; should do the trick. The referenced doc was for 9i and not apparently updated for 10g. As always, test on a destructo box first. Paul -- //www.freelists.org/webpage/oracle-l -- //www.freelists.org/webpage/oracle-l -- //www.freelists.org/webpage/oracle-l ----------------------------------------- This message is confidential and sent by TD Waterhouse solely for use by the intended recipient. If you are not the intended recipient, you are hereby notified that any use, distribution or copying of this communication is strictly prohibited. This should not be deemed as an offer or solicitation, to buy or sell any product. Any 3rd party information contained herein was prepared by sources deemed reliable, but is not guaranteed. TD Waterhouse does not accept electronic instructions that would require an original signature. Information received by or sent from TD Waterhouse is stored, subject to review, and may be produced to regulatory authorities or others with a legal right to such. -- //www.freelists.org/webpage/oracle-l