RE: "SET UID" not set for oracle executable ?

  • From: "Carel-Jan Engel" <cjpengel.dbalert@xxxxxxxxx>
  • To: oracle-l@xxxxxxxxxxxxx
  • Date: Tue, 10 Aug 2004 16:22:35 +0200 (CEST)

AFIK, root.sh is executed to do things like copying oraenv etc. to
/usr/local/bin, and only root can create that dir if it isn't there.
Putting a default oratab in /etc is another task of root.sh.

At least on most default installed (not-hardened) unix flavours the user
oracle self can set the setuid bit, and one doesn't need to be root to do
that. Root privileges are needed to set the setuid bit on files that one
doesn't own.

Regards, Carel-Jan

===
If you think education is expensive, try ignorance. (Derek Bok)
===



> Mark, I know all about setuid root programs and security hole
> that they represent, but oracle executable needs to have setuid
> to oracle protection. It's an installation requirement, not my
> invention.
>
> --
> Mladen Gogala
> Oracle DBA
> email:mladeng@xxxxxxxxx
> Ext: 9787
>
> ----------------------------------------------------------------
> Please see the official ORACLE-L FAQ: http://www.orafaq.com
> ----------------------------------------------------------------
> To unsubscribe send email to:  oracle-l-request@xxxxxxxxxxxxx
> put 'unsubscribe' in the subject line.
> --
> Archives are at //www.freelists.org/archives/oracle-l/
> FAQ is at //www.freelists.org/help/fom-serve/cache/1.html
> -----------------------------------------------------------------
>

----------------------------------------------------------------
Please see the official ORACLE-L FAQ: http://www.orafaq.com
----------------------------------------------------------------
To unsubscribe send email to:  oracle-l-request@xxxxxxxxxxxxx
put 'unsubscribe' in the subject line.
--
Archives are at //www.freelists.org/archives/oracle-l/
FAQ is at //www.freelists.org/help/fom-serve/cache/1.html
-----------------------------------------------------------------

Other related posts: