Project Lockdown ...

  • From: stv <stvsmth@xxxxxxxxx>
  • To: oracle-l@xxxxxxxxxxxxx
  • Date: Fri, 6 Oct 2006 15:51:26 -0600

Does anyone have opinions of this paper?

http://www.oracle.com/technology/pub/articles/project_lockdown/project-lockdown.pdf

I found the link via Pete Finnigan, who seems to my newbie eyes an
excellent resource. Anyway, we're working through this for an Oracle XE
instance that will serve a public-facing PHP application.

Section 1.4 talks about setting umask on certain directories. I'm
familiar with umask, but I'm unaware of any directory capability.
Googling "directory umask" hits a couple of pages where people ask for
such a thing and get unsatisfactory answers. man pages don't lead
anywhere.

The intent of 1.4 is to ensure that bdumps, rdbms/log, rdbms/audit and
some other folders that house dynamically created files will default
to -rw-------.

To quote:

*  Change umask on background_dump_dest to 0177.

Some trace files are generated here as well as the database alert log.
Permissions should be rw------- (Read+Write by Oracle software owner only)

So, aside from the Unix question, I was wondering if others have
thoughts on this paper?

--steve smith
--
//www.freelists.org/webpage/oracle-l
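
On the Unix question raised above: umask is an attribute of a process, inherited from its parent, not a property of a directory, so the mode of a newly created file depends on the umask of whichever process creates it. The following is an added example, not part of the original post or the paper; a temporary directory stands in for background_dump_dest and the file names are constructed.

```shell
#!/bin/sh
# Added example: a temp directory stands in for background_dump_dest;
# alert.log and session.trc are constructed file names.

# Create a file the way a process running with the given umask would.
# The subshell confines the umask change to that one process.
create_with_umask() {    # $1 = umask, $2 = path
    ( umask "$1" && : > "$2" )
}

# Octal permission bits of a path (GNU stat first, BSD stat as fallback).
mode_of() {
    stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1"
}

# Regular files under $1 carrying any bit beyond rw------- (mask 0177).
audit_dir() {
    find "$1" -type f \( -perm -100 -o -perm -040 -o -perm -020 \
        -o -perm -010 -o -perm -004 -o -perm -002 -o -perm -001 \) -print
}

demo() {
    dir=$(mktemp -d) || return 1
    create_with_umask 0177 "$dir/alert.log"     # creator had umask 0177
    create_with_umask 0022 "$dir/session.trc"   # creator had a common default
    echo "alert.log   $(mode_of "$dir/alert.log")"
    echo "session.trc $(mode_of "$dir/session.trc")"
    echo "directory   $(mode_of "$dir")"
    # umask applies only at creation: rewriting an existing file keeps its mode.
    create_with_umask 0177 "$dir/session.trc"
    echo "session.trc after rewrite under 0177: $(mode_of "$dir/session.trc")"
    echo "files wider than rw-------:"
    audit_dir "$dir"
    rm -rf "$dir"
}

demo
```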

