Re: External tables. Security concerns.

On 18 Aug 2006 14:01:10 -0700, artmt_at_hotmail.com wrote:

>> Yes and no. they are correct to not allow uncontrolled use of UTL_FILE
>> but directory objects are harmless and the only real risk with an
>> External Table would be you dumping GB of into a file and using too
>> much disk.
>>
>> Most likely they don't understand the technology because if they did
>> they would know that DIRECTORY OBJECTS are wholly internal to the
>> database.
>> --
>> Daniel A. Morgan
>> University of Washington
>> damorgan_at_x.washington.edu
>> (replace x with u to respond)
>> Puget Sound Oracle Users Group
>> www.psoug.org
>
>That answers my question about external tables.
>Thanks.
>How about the other components required to implement ETL via external
>tables?
>Would allowing FTP access or NFS mount necessarily jeopardize secutity
>of the Oracle server?

ordinary ftp would definitely jeopardize security, and shouldn't be considered.
I also wouldn't consider a NFS mount to the Oracle server.

Furthermore, I would disallow telnet access, and make sure the oracle account has to be su-ed into.
I also would implement also all measures proposed by Arup Nanda in his recent 'Project Lockdown' on http://otn.oracle.com

--
Sybrand Bakker, Senior Oracle DBA