sql_trace Fine Grained Access Control FGAC _trace_files_public init.ora utl_file_dir utl

Phone
800-766-1884

Oracle Tips by Burleson

utl_file_dir Wildcarding

The Oracle built-in package utl_file needs a special parameter named utl_file_dir that points to a directory on the server, not the client, where the files can be manipulated via the package.

This directory should be such that the OS user ORACLE would be able to manipulate (read and write) files there. Instead of specifying a directory, a wild card character "*" can be

entered that will allow manipulation of files in any directory. The wild card parameter is specified in the initialization file as

utl_file_dir = *

DBAs sometimes, mainly due to a lack of clear requirements, set this to * so that the developers can easily read and write files anywhere they want. Since changing this parameter needs a database recycle, the normal temptation is to set this wildcard. Nothing can potentially cause as much damage as this setting. Remember, the parameter signifies the directory that the Oracle software owner user can manipulate. This will allow a user to open up any file readable and writable by Oracle – including the datafiles! Even legitimate users without any malicious intent could inadvertently damage the files this way.

Therefore, never set the parameter to the lazy setting of *; always use a specific directory name, and that directory should not be one where the Oracle database sensitive files are present.

Never set the initialization parameter utl_file_dir to "*".

Download your Oracle scripts now:

www.oracle-script.com

The definitive Oracle Script collection for every Oracle professional DBA