From: Fernando N. de Souza (fnantes@yahoo.com)
Date: Wed Feb 09 2005 - 18:16:18 EST
Scenario:
==========
Sun E3500
Solaris 9 (Generic_112233-12)
Oracle 9i Server (9.2.0.4)
Problem:
========
/var/tmp/.oracle directory contains scores of files of type "AF_UNIX
address family sockets", the permissions are srwxrwxrwx.
>From what I understand the files are created by the Oracle Listener
process (tnslsnr) each time it starts and just seat there until they
are deleted.
At the bottom I list the output of lsof and ls -l.
Questions:
==========
Are there any possible security issues related to the fact that the
permission mask is srwxrwxrwx?
Is it possible to force the default permissions to something more
restrictive?
Could we do 'chmod o-w <file>'? Would that break anything?
Thanks.
-- Fernando N. de Souza SysAdmin/DBA Fairfax, VA -- Output of 'lsof | grep "/var/tmp/.oracle"' ========================================== tnslsnr 8020 oracle 11u unix 105,19 0t0 192488 /devices/pseudo/tl@0:ticots->/var/tmp/.oracle/s#8020.1 (0x38d01c8cae8) (Vnode=0x30007117618) tnslsnr 8020 oracle 12u unix 105,20 0t0 192488 /devices/pseudo/tl@0:ticots->/var/tmp/.oracle/sEXTPROC (0x38feede5cc0) (Vnode=0x3000e02bb68) Output of 'ls -ltr /var/tmp/.oracle': ===================================== ... srwxrwxrwx 1 oracle dba 0 Jul 16 2003 s#27312.1 srwxrwxrwx 1 oracle dba 0 Jul 16 2003 s#27358.1 srwxrwxrwx 1 oracle dba 0 Jul 16 2003 s#28000.1 srwxrwxrwx 1 oracle dba 0 Jul 16 2003 s#28046.1 srwxrwxrwx 1 oracle dba 0 Jul 16 2003 s#29847.1 srwxrwxrwx 1 oracle dba 0 Mar 12 2004 s#12095.1 srwxrwxrwx 1 oracle dba 0 Mar 12 2004 s#12925.1 srwxrwxrwx 1 oracle dba 0 Mar 18 2004 s#13715.1 srwxrwxrwx 1 oracle dba 0 Nov 12 14:46 sEXTPROC srwxrwxrwx 1 oracle dba 0 Nov 12 14:46 s#8020.1 ===== Fernando Nantes de Souza fnantes@yahoo.com http://fnantes.icestorm.com -.-- --- ..- .- .-. . .- --. . . -.- _______________________________________________ sunmanagers mailing list sunmanagers@sunmanagers.org http://www.sunmanagers.org/mailman/listinfo/sunmanagers
This archive was generated by hypermail 2.1.7 : Wed Apr 09 2008 - 23:30:08 EDT