Listener and extproc security

From: Jason Heinrich <jheinrichdba_at_gmail.com>
Date: Thu, 3 Jan 2008 10:02:20 -0600
Message-ID: <b32e774d0801030802g5990f3b1g7a3350b38e9aa8ae@mail.gmail.com>

I'm looking for clarification on securing extproc, specifically in regards to accessing it over TCP in 10.2.0.3. My understanding is that a separate listener is recommended for extproc which only listens to IPC calls. Otherwise, if the database listener was used, extproc and any allowed libraries on the server could be accessed remotely via TCP.

Most of what I've read on this is from a 9i security bulletin, but I haven't seen anything so far that says the situation has changed in 10g. Is my understanding of the situation correct, and is this still the recommended configuration? I want to make sure I have my facts strait before I recommend this to my coworkers.

--

Jason Heinrich

--

http://www.freelists.org/webpage/oracle-l Received on Thu Jan 03 2008 - 10:02:20 CST

This message: [ Message body ]
Next message: Tanel Poder: "RE: Server Architecture"
Previous message: Andrew Kerber: "Re: Server Architecture"
Next in thread: Goulet, Dick: "RE: Listener and extproc security"
Reply: Goulet, Dick: "RE: Listener and extproc security"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ]

Original text of this message