RE: "SET UID" not set for oracle executable ?
- From: Jared.Still@xxxxxxxxxxx
- To: oracle-l@xxxxxxxxxxxxx
- Date: Thu, 12 Aug 2004 09:09:31 -0700
> I'm about 98% sure that the SUID isn't absolutely required just to get a
> database running.
Correct
> My memory might be a little foggy here, but I think I
> recall that one work around for a security hole that was identified
within
> the last year, where it was possible to execute the oracle binary with
> malicious command line arguments (I don't recall the version or the
> platform), was to remove execute for "other" from the oracle binary and
> remove the suid.
>
I think you will find that chmod 751 $ORACLE_HOME/bin/oracle makes the
database very secure indeed.
Jared
----------------------------------------------------------------
Please see the official ORACLE-L FAQ: http://www.orafaq.com
----------------------------------------------------------------
To unsubscribe send email to: oracle-l-request@xxxxxxxxxxxxx
put 'unsubscribe' in the subject line.
--
Archives are at //www.freelists.org/archives/oracle-l/
FAQ is at //www.freelists.org/help/fom-serve/cache/1.html
-----------------------------------------------------------------
Other related posts:
