• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1741
  • Last Modified:

What priviledges do i need to give oracle binaries eg sqlplus so other users aprt from oracle can use

What priviledges do i need to give oracle binaries eg sqlplus so other users aprt from oracle can use them - without giving away too much priviledge
0
hraja77
Asked:
hraja77
  • 6
  • 3
  • 2
  • +2
1 Solution
 
Mark GeerlingsDatabase AdministratorCommented:
Basically, the "execute" privilege, but that vairies a bit by O/S.  What is your server O/S?
0
 
schwertnerCommented:
In Oracle exists the so called Schema/User.
You can grant rights to every Schema/User.
Privileges could be grant using Roles (set of priveleges).
You never should grant the role DBA to any user.
The role PUBLIC is a set that doesn't gives too much rights.

Especially for SQL*Plus it is possible to exclude some operations,
like update, delete.
0
 
Mark GeerlingsDatabase AdministratorCommented:
Schwertner and I understood your question differently.  Are you asking about O/S permissions for executing Oracle utilities (like SQL*Plus, SQL*Loader, Export and Import) from the operating system or are you asking about permissions inside the database?
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
schwertnerCommented:
The file privileges to the binaries are given to the Oracle user
by the installation of the product.
No other users can access the binaries because other users
have to be granted OS roles that give them the right to
manipulate the instance in an unwanted way.
Normaly Oracle users are accessing Oracle not using binaries
on the server. They correspond with the Listener using
TCP/IP protocol via some port (1521 commonly) on the server.
0
 
hraja77Author Commented:
hi thanks for the response - i'm asking about the o/s permisssions like sqlplus/ sqlloader
0
 
hraja77Author Commented:
thanks schwertner but which files would another user need permission to - to get access to sqlplus ?
do you know ?
0
 
hraja77Author Commented:
i get map:permission denied n invoking sqlplus from another user than oracle
0
 
Mark GeerlingsDatabase AdministratorCommented:
Can you tell us which server O/S you have?  That would help!
0
 
hraja77Author Commented:
its aix 5l and oracle 10g
0
 
hraja77Author Commented:
i want to chmod 755 just the files that i need to and not all the binaries of oracle - can you help;

thanks
H
0
 
adrian_angCommented:
I would suggest to start with a good paper related to security by Arup Nanda : http://www.oracle.com/technology/pub/articles/project_lockdown/index.html
0
 
adrian_angCommented:
There are issues related to os privileges on oracle executables( http://www.oracle.com/technology/pub/articles/project_lockdown/index.html )
0
 
konektorCommented:
create some file eg. "client.env" and place it into eg. /etc/oracle
my content:
OADR=/xg102
ORACLE_HOME=${OADR}/app/oracle/product/10.2.0
export ORACLE_HOME
ORACLE_TERM=$TERM
export ORACLE_TERM
NLS_LANG="american_america.EE8ISO8859P2"
export NLS_LANG
export ORACLE_NLS=$ORACLE_HOME/ocommon/nls/admin/data
export ORA_NLS33=$ORACLE_HOME/ocommon/nls/admin/data
export PATH=$ORACLE_HOME/bin:$ORACLE_HOME/admin/bin:$HOME/admin:/usr/ccs/bin:/usr/local/bin:$PATH
export SHLIB_PATH=$ORACLE_HOME/lib32
export LD_LIBRARY_PATH=$ORACLE_HOME/lib
export ORACLE_DOC=$ORACLE_HOME/doc
export ORACLE_BASE=${OADR}/app/oracle
export EPC_DISABLED=TRUE

most importat are PATH, ORACLE_HOME and ORACLE_BASE

make the file executable and place it into .profile of users you want to have rights to work with oracle (or tell hem, that before working with oracle they should run this script)

ensure that users has rights to execute sqlplus, ... and other programs from $ORACLE_HOME/bin
0
 
hraja77Author Commented:
i'm getting this error at the moment when executing from a different user:
note the initial permission denied !!!

wdfndwp:/oracle/product/10.2.0>
wdfndwp:/oracle/product/10.2.0> sqlplus bahiah@ndwp
991446 : map : Permission Denied
991446 : map : Permission Denied
991446 : map : Permission Denied

SQL*Plus: Release 10.2.0.3.0 - Production on Tue Oct 9 15:53:51 2007

Copyright (c) 1982, 2006, Oracle.  All Rights Reserved.

Enter password:
ERROR:
Error while trying to retrieve text for error ORA-12154

0

Featured Post

Upgrade your Question Security!

Add Premium security features to your question to ensure its privacy or anonymity. Learn more about your ability to control Question Security today.

  • 6
  • 3
  • 2
  • +2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now