Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win


Do users need access to UDUMP, CDUMP and BDUMP?

Posted on 2008-10-01
Medium Priority
Last Modified: 2009-04-09

          Do OS users need access to ORacle UDUMP, CDUMP and BDUMP files? If users only have READ persmissions then is this a security issue?

THanks MIssyMadi
Question by:missymadi
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
LVL 74

Expert Comment

ID: 22615678
it can be a security issue, however, the files in those directories can be absolutely necessary for debugging purposes and/or tuning.

You can block access to them, but if you do that, then you'll have to have somebody available to retrieve the files for the blocked users when they are needed.
LVL 23

Expert Comment

ID: 22615899
sdstuber is right, normally you don't allow users to access the default directory for security reasons. What you can do is create a script to move certain files to a separate server or allow users to change the directory via a stored proc.

Here is a Tom's example:
LVL 23

Expert Comment

ID: 22615912
It's more like the DBAs and the dump-file owners need access; others do not.
Prepare for your VMware VCP6-DCV exam.

Josh Coen and Jason Langer have prepared the latest edition of VCP study guide. Both authors have been working in the IT field for more than a decade, and both hold VMware certifications. This 163-page guide covers all 10 of the exam blueprint sections.


Author Comment

ID: 22616180
Is tracing information the only info. collected in the dump files?
LVL 74

Expert Comment

ID: 22616202
memory dumps and status info will be written for errors

Author Comment

ID: 22616388
So is it safe to assume that removing Users OS account (READ) completly from the dump files and only allowing Admin, System and dba's will not break the db functionality?  I know for some files, the USER account must have a least READ or an error will occur.
LVL 74

Accepted Solution

sdstuber earned 300 total points
ID: 22616422
the only account that "needs" access is the oracle account itself.  If you give it to the entire dba group and other admins, that's fine too.  

As long as oracle itself can write to the files, the db will run just fine

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This post first appeared at Oracleinaction  (http://oracleinaction.com/undo-and-redo-in-oracle/)by Anju Garg (Myself). I  will demonstrate that undo for DML’s is stored both in undo tablespace and online redo logs. Then, we will analyze the reaso…
Shell script to create broker configuration file using current broker Configuration, solely for purpose of backup on Linux. Script may need to be modified depending on OS-installation. Please deploy and verify the script in a test environment.
This video explains at a high level with the mandatory Oracle Memory processes are as well as touching on some of the more common optional ones.
This video shows how to recover a database from a user managed backup

610 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question