Re: Sticky bit set on linux password file

From: Jared Still <jkstill_at_gmail.com>
Date: Tue, 1 Jul 2008 12:25:22 -0700
Message-ID: <bf46380807011225l39229f32h9ecdd9b63c436e76@mail.gmail.com>


On Tue, Jul 1, 2008 at 12:11 PM, Kurt Franke <Kurt-Franke_at_web.de> wrote:

>
> Hi Jared,
>
> its just for Security.
>
>

Thanks Kurt, that makes perfect sense.

I renamed the password file, and copied in one that I owned, and via root chown'd to my linux account.

While the theory is good, the reality seems to be a bit different.

Though the remote logon as sysdba took longer than normal, I was still able to successfully logon as sysdba.

The password file is still owned by me.

An attempt to grant sysdba to a user did initially fail:

12:21:33 - sys_at_orcl SQL> grant sysdba to scott; grant sysdba to scott
*
ERROR at line 1:
ORA-01993: error writing password file
'/u01/app/oracle/product/9.2.0/aglqa/dbs/orapworcl' ORA-27091: skgfqio: unable to queue I/O
ORA-27041: unable to open file
Linux-x86_64 Error: 13: Permission denied Additional information: 3

After doing "chmod 660 orapworcl", the next attempt to grant sysdba to scott succeeded.

User SCOTT successfully did a remote sysdba logon to the database.

The password file is still owned by me.

Maybe a bug? Guess it's time to check the ML bug database.

-- 
Jared Still
Certifiable Oracle DBA and Part Time Perl Evangelist

--
http://www.freelists.org/webpage/oracle-l
Received on Tue Jul 01 2008 - 14:25:22 CDT

Original text of this message