We have recently implemented this, actually our requirement was to write * out* a file from the db using UTL_FILE but my take on it was.
1) you can control who accesses the data at the UNIX level via an ACL on the share. 2) you can control who has access to the data at the Unix level 3) you can control who has access to the data at the Oracle level. 4) you might well be able to control access to the data at the application level. (we could)
In other words I wasn't that concerned :). Now this sort of arrangement does rather require that everyone thinks about the security requirements, that the windows and unix sysadmins trust each other (and the dbas and developers as well for that matter). If you'd chosen application express the application users could probably have loaded the files directly from the client PCs by the way.
cheers
Niall
Our app guys have built a small database app, which amongst other things, loads image files from a file system into the database - the intention being that these are files that users can drag/drop from their PC into this file system.
They've assumed that the files will be local to the database server, so I'm considering samba to expose a small f/s on the db server.
Our unix admin is resisting - quoting samba is a security risk, and that it opens our database server up to all sort of attack.
I don't really care whether we use samba or something else or whatever - but I've been asked to give an informed opinion, so I figured it would be to defer to anyone (on the list that is informed ... 'cos i'm not.
Are the risks legitimate ?
Cheers Connor
-- Connor McDonald =========================== email: connor_mcdonald@xxxxxxxxx web: http://www.oracledba.co.uk
"Semper in excremento, sole profundum qui variat" -- //www.freelists.org/webpage/oracle-l
-- Niall Litchfield Oracle DBA http://www.orawin.info