| Oracle FAQ | Your Portal to the Oracle Knowledge Grid | |
 |
 | |||
| Oracle FAQ | Your Portal to the Oracle Knowledge Grid | |
|
| |||
Home -> Community -> Mailing Lists -> Oracle-L -> Re: Project Lockdown ...
I usually delete these after any relink (patch, ....). I siometimes delete
them during the relink to recover some space (on my space constrained VMs).
rgds
On 10/9/06, Jesse, Rich <Rich.Jesse_at_qg.com> wrote:
>
> Interesting reading. I see that Arup recommends to "Change the
> permission of the redundant files $ORACLE_HOME/bin/oracleO, tnslsnr0,
> lsnrctl0, extjob0, etc. to 0000." I've always just deleted these
> immediately after installing and some time after upgrading/patching.
>
> Any reason that I should be keeping these around? Meatlink doesn't seem
> to have any articles dealing with this.
>
> Rich
>
> Disclaimer: "Metalink" wasn't found in my spell checker.
>
> -----Original Message-----
> From: oracle-l-bounce_at_freelists.org
> [mailto:oracle-l-bounce_at_freelists.org] On Behalf Of stv
> Sent: Friday, October 06, 2006 4:51 PM
> To: oracle-l_at_freelists.org
> Subject: Project Lockdown ...
>
> Does anyone have opinions of this paper?
>
> http://www.oracle.com/technology/pub/articles/project_lockdown/project-l
> ockdown.pdf
>
> I found the link via Pete Finnigan, who seems to my newbie eyes an
> excellent resource. Anway, we're working through this for an Oracle XE
> instance that will serve a public-facing PHP application.
>
> Section 1.4 talks about setting umask on certain directories. I'm
> familiar with umask, but I'm unaware of any directory capability.
> Googling "directory umask" hits a couple of pages where people ask for
> such a thing and get unsatisfactory answers. man pages don't lead
> anywhere.
>
> The intent of 1.4 is to ensure that bdumps, rdbms/log, rdbms/audit and
> some other folders that house dynamically created files will default
> to -rw-------.
>
> to quote:
>
> * Change umask on background_dump_dest to 0177.
>
> Some trace files are generated here as well as the database alert log.
> Permissions should be
> rw------- (Read+Write by Oracle software owner only)
>
> So, aside from the Unix question, I was wondering if others have
> thoughts on this paper?
>
> --steve smith
> --
> http://www.freelists.org/webpage/oracle-l
> --
> http://www.freelists.org/webpage/oracle-l
>
>
>
-- http://www.freelists.org/webpage/oracle-lReceived on Mon Oct 09 2006 - 08:24:50 CDT
 |
 |