| Oracle FAQ | Your Portal to the Oracle Knowledge Grid | |
 |
 | |||
| Oracle FAQ | Your Portal to the Oracle Knowledge Grid | |
|
| |||
Home -> Community -> Mailing Lists -> Oracle-L -> RE: java package to run OS command
It really isn't that much of a hassle once you have Java itself setup.
I have a problem with the lack of security placed on the Java code from the oracle-base.com article though. What we did (are in the process of doing) is to restrict execute access to a single directory that we create and maintain. This prevents someone from executing something like the following:
#!/bin/sh
$ORATEMP=/my/oracle/bome/temp
/usr/bin/rm -rf $ORATMEP/*
We also restrict read/write to /tmp, which works for how we use OS interaction.
My $.02,
Rich
Rich Jesse System/Database Administrator rjesse_at_qtiworld.com Quad/Tech Inc, Sussex, WI USA
-----Original Message-----
Sent: Thursday, December 04, 2003 11:00 AM
To: Multiple recipients of list ORACLE-L
yeah, I'm trying to get away from C external procedures ...but java is beginning to look just as much a hassle.
Why is running a OS command such hassle?
--
Please see the official ORACLE-L FAQ: http://www.orafaq.net
--
Author: Jesse, Rich
INET: Rich.Jesse_at_qtiworld.com
Fat City Network Services -- 858-538-5051 http://www.fatcity.com San Diego, California -- Mailing list and web hosting services ---------------------------------------------------------------------To REMOVE yourself from this mailing list, send an E-Mail message to: ListGuru_at_fatcity.com (note EXACT spelling of 'ListGuru') and in the message BODY, include a line containing: UNSUB ORACLE-L (or the name of mailing list you want to be removed from). You may also send the HELP command for other information (like subscribing). Received on Thu Dec 04 2003 - 11:59:28 CST
 |
 |