Thread: Why is ALLOW_ABSOLUTE_DBPATHS unsafe?

The "Managing Databases" section of the Administrator's Guide says that
absolute DB paths introduce a security risk.

The CREATE DATABASE documentation says that there are security *AND* data
integrity issues involved with absolute DB paths.

Maybe I'm just not devious enough, but I can't figure out what the risks
are.  Can anyone enlighten me?

Also, why are relative DB paths completely disallowed.  I can see that you
would have to store the location relative to the cluster's path, but I must
be missing something here too.  Thanks for any ideas.

  -- Murphy

_________________________________________________________________
MSN Photos is the easiest way to share and print your photos:
http://photos.msn.com/support/worldwide.aspx

> Maybe I'm just not devious enough, but I can't figure out what the risks
> are.  Can anyone enlighten me?

Security issues include allowing non-privileged users access to
uncontrolled areas of storage. A devious non-privileged user might be
able to execute privileged code or otherwise mess around with data.

Data integrity issues include having the DBA lose control over *where*
data in the database is actually located. If a user decides to configure
some tables under /tmp, the DBA will have no way of knowing and will
have no opportunity to help plan the data storage strategy for his
system.

> Also, why are relative DB paths completely disallowed.  I can see that you
> would have to store the location relative to the cluster's path, but I must
> be missing something here too.  Thanks for any ideas.

Same reasons as above.

Database designers and administrators tend to be a suspicious and
paranoid lot. If you don't start out that way, losing data the first
time will make you so ;)

hth

                     - Thomas