Question about noexec_user_stack and Oracle

It seems Oracle 10g now 'requires' noexec_user_stack=1 to be enabled on Solaris. Does anyone know if this is just a recommended security practice or Oracle 10g really does depend on this being set? The install process checks for this but allows you to proceed even if it is set to false. I installed and created my first database on this system with it set to false and everything seems okay so far. Just wondering if anyone had anything more in-depth. Seems to me it is just one step oracle is taking to improve security. -Chuck

In article <6c795a35.0411090850.69ed85a5@posting.google.com>, rhugga@yahoo.com (Keg) writes: > It seems Oracle 10g now 'requires' noexec_user_stack=1 to be enabled > on Solaris. Does anyone know if this is just a recommended security > practice or Oracle 10g really does depend on this being set? > > The install process checks for this but allows you to proceed even if > it is set to false. I installed and created my first database on this > system with it set to false and everything seems okay so far. > > Just wondering if anyone had anything more in-depth. Seems to me it is > just one step oracle is taking to improve security. Does Oracle's SQL still accept passwords in clear on the command line for subsequent display in the output of `ps', or did they grow out of that? -- SAm.

rhugga@yahoo.com (Keg) writes: >It seems Oracle 10g now 'requires' noexec_user_stack=1 to be enabled >on Solaris. Does anyone know if this is just a recommended security >practice or Oracle 10g really does depend on this being set? It can't depend on it being set except when it does something really weird like depending on applications SEGVing which try to execute code on the stack. It also has no effect on x86 systems. I think Oracle has no business inquiring about such parameters; they're in the database business, not the hardening business. (So they could put it down as a number of recommended steps) Casper -- Expressed in this posting are my opinions. They are in no way related to opinions held by my employer, Sun Microsystems. Statements on Sun products included here are not gospel and may be fiction rather than truth.

Similiar Articles:

Question about noexec_user_stack and Oracle - comp.sys.sun.admin ...
It seems Oracle 10g now 'requires' noexec_user_stack=1 to be enabled on Solaris. Does anyone know if this is just a recommended security practice or O...

Solaris 10 Performance issue:Slow response Oracle Users - comp ...
Question about noexec_user_stack and Oracle - comp.sys.sun ... Solaris Performance Tuning http ... response Oracle Users software.itags.org: Solaris Operating System question ...

Unable to login as oracle user - comp.unix.shell
Select As question - comp.databases.oracle.server Unable to login as oracle user - comp.unix.shell Select As question - comp.databases.oracle.server... function for naming ...

insufficient physical memory while oracle installation - comp.unix ...
... legacy_cpu_support=1 *set cmi_no_init=1 set noexec_user_stack ... for installation is 512MB so I can install Oracle . ... So his question wasn't nearly as stupid as it has ...

Oracle Apps Technology: noexec_user_stack, Solaris and Oracle 10g
Metalink Note 395334.1 explains Why do we need to set NOEXEC_USER_STACK to 1 before Oracle ... Post Your Questions Here

7/24/2012 4:26:15 PM