Database Reference
In-Depth Information
Trace File Permissions and
_TRACE_FILES_PUBLIC
Trace files are created either on request, e.g., with ALTER SYSTEM SET SQL_TRACE=TRUE or when
internal errors occur. Trace files from foreground processes are located in the directory set
with the parameter USER_DUMP_DEST , whereas trace files from background processes take the
directory setting from the initialization parameter BACKGROUND_DUMP_DEST . In any case, the file
name extension is .trc . By default, trace files are readable only for the owner of the ORACLE
installation (normally “oracle”) or members of the installation group (normally “oinstall”). If a
database administrator does not belong to the installation group, even he or she cannot read
trace files.
Since trace files may contain sensitive information, either as bind variable values or literals,
it is appropriate that the default permissions are restrictive. On a test system, however, where
developers enable SQL trace and need to analyze the output with TKPROF, it's much more
convenient to allow anyone with access to the system to read trace files. A hidden parameter
called _TRACE_FILES_PUBLIC may be used to make newly created trace files readable by everyone.
As shown by running the script hidden_parameter_value.sql , the default setting of the static
parameter is FALSE:
$ cat hidden_parameter_value.sql
col name format a33
col value format a36
set verify off
SELECT x.ksppinm name, y.ksppstvl value
FROM x$ksppi x, x$ksppcv y
WHERE x.inst_id = userenv('Instance')
AND y.inst_id = userenv('Instance')
AND x.indx = y.indx
AND x.ksppinm='&hidden_parameter_name';
$ sqlplus -s / as sysdba @hidden_parameter_value.sql
Enter value for hidden_parameter_name: _trace_files_public
NAME VALUE
--------------------------------- ------------------------------------
_trace_files_public FALSE
Let's have a look at the permissions of files in the user dump destination.
SQL> SHOW PARAMETER user_dump_dest
NAME TYPE VALUE
---------------------------- ----------- ---------------------------------
user_dump_dest string /opt/oracle/obase/admin/TEN/udump
SQL> !cd /opt/oracle/obase/admin/TEN/udump; ls -l
total 68
-rw-r----- 1 oracle oinstall 1024 Jul 21 21:26 ten1_ora_11685.trc
-rw-r----- 1 oracle oinstall 874 Jul 24 02:56 ten1_ora_13035.trc
-rw-r----- 1 oracle oinstall 737 Jul 24 02:56 ten1_ora_13318.trc
 
Search WWH ::




Custom Search