Oracle Tips by Burleson
Another important fact must be taken into
account while examining these files. Most of the above files may
have a file named after them, but with the numeral zero. For
example, there could be a file called dbsnmp0, in addition to dbsnmp.
When a new version is built, Oracle copies the old file dbsnmp to
dbsnmp0, and recreates the dbsnmp file.
This is done to ensure that in case the new
file building fails, the old file dbsnmp0 can be renamed to dbsnmp
and still be used. The old file dbsnmp0 still exists with the suid
bit on. This could be an important security hole exploited by a
potential hacker. Therefore, the suid bit for the 0-suffixed files
should be turned off.
The suid is turned off by the following command
chmod –s dbsnmp0
Tip: Turn off the SUID bit on all files except
the most needed. The SUID bit should be tuned on for the file oracle
in $ORACLE_HOME/bin. If Intelligent Agent is used, then the SUID
should be on for the file dbsnmp; if Name Server is used then it
should be on for onrsd; and if Oracle Internet Directory is used,
then it should be turned on for the file oidldapd. All other files
should have their SUID bits turned off.
ORA-12546: TNS:permission denied
Note the error: “ORA-12546 : TNS:permission
denied,” meaning the execute on the Oracle executable failed.
However, the connection is attempted now using a connect string,
i.e. forcing it to go through the regular IPC or TCP/IP process.
Oracle8i Enterprise Edition Release 220.127.116.11.0 - Production
With the Partitioning option
JServer Release 18.104.22.168.0 - Production
The connection was successful.
Remove the execute permissions on Oracle
executables from others as a precaution to prevent malicious use.
Download your Oracle scripts now:
definitive Oracle Script collection for every Oracle professional DBA