Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Mailing Lists -> Oracle-L -> Project Lockdown ...

Project Lockdown ...

From: stv <stvsmth_at_gmail.com>
Date: Fri, 6 Oct 2006 15:51:26 -0600
Message-ID: <9493d0340610061451k21662660i4b7a26e676bfadd7@mail.gmail.com> 





Does anyone have opinions of this paper?



http://www.oracle.com/technology/pub/articles/project_lockdown/project-lockdown.pdf



I found the link via Pete Finnigan, who seems to my newbie eyes an
excellent resource. Anway, we're working through this for an Oracle XE
instance that will serve a public-facing PHP application.



Section 1.4 talks about setting umask on certain directories. I'm
familiar with umask, but I'm unaware of any directory capability.
Googling "directory umask" hits a couple of pages where people ask for
such a thing and get unsatisfactory answers. man pages don't lead
anywhere.



The intent of 1.4 is to ensure that bdumps, rdbms/log, rdbms/audit and
some other folders that house dynamically created files will default
to -rw-------.



to quote:






Some trace files are generated here as well as the database alert log.
Permissions should be


rw------- (Read+Write by Oracle software owner only)



So, aside from the Unix question, I was wondering if others have
thoughts on this paper?



--steve smith

--



http://www.freelists.org/webpage/oracle-l
Received on Fri Oct 06 2006 - 16:51:26 CDT












Original text of this message













  HOME |
  ASK QUESTION |
  ADD INFO |
  SEARCH |
  E-MAIL US