I think it is very rare any user will make mistake of giving backup path
same as database home or one of its subdirectories. But I agree it might be
nice to throw a better error message, but that might add some addtional
restrictions or overhead.
Some thought one possible way to fix this::
Here's an idea:
Store a file with an obvious name into the backup path.
Then search down from the database home and see if you find the file.
If you do, there's an error. If you don't, things are fine.
Either way, remove the file once you're done.
I don't believe this requires any additional security permissions, because
you already have to be able to write to the backup and read from the
database in order to perform the backup.
And I think this algorithm is pretty reliable in the face of symbolic links,
etc., because you are working with a real file in a real location, not
trying to interpret the paths abstractly.
Just thought I'd throw this out there, in case it gave you some ideas
of ways to work on the problem.
thanks,
bryan
