DBA Tips Archive for Oracle

  


[an error occurred while processing this directive]

No Title

[an error occurred while processing this directive]

by Michael New, MichaelNew@earthlink.net, Gradation LLC

Contents

Introduction

Starting with Oracle9i Release 2, the UTL_FILE_DIR init.ora parameter can be made obsolete.

Pre Oracle9i R2 (9.2)

Each directory to be accessed by UTL_FILE must be listed (comma separated) in the UTL_FILE_DIR init.ora parameter. This cannot be done with ALTER SYSTEM (ORA-02095) - you have to bounce the database. The directory must be explicitly specified again in UTL_FILE.FOPEN. And the number of directories that can be listed is limited by the 255 character buffer size.

From Oracle9i R2 (9.2)

Each directory to be accessed by UTL_FILE can be specified via the CREATE DIRECTORY command. And specified via this level of indirection in UTL_FILE.FOPEN.

It is the responsibility of the system and database administrators to implement appropriate file and directory security on the database host. UTL_FILE won't attempt to check for permission before executing an open/read/write/delete request. We expect that the operating system will deny the request where appropriate. UTL_FILE will blindly issue any action requested and look for success or failure return status from the operating system.

By default UTL_FILE will have no file access because it will have no directory access, until granted access by CREATE DIRECTORY by SYS or SYSTEM or a user with DBA privileges. Since access privileges are granted on a per directory basis, the DBA can control directory access by either:

  1. creating separate directories for users with differing access requirements
  2. use operating system utilities and features for controling read and write access by users

Example Basic Usage


sqlplus /nolog set echo on spool crdir02.lis !mkdir /tmp/public_access CONNECT sys/change_on_install AS sysdba; DROP USER crdir02 CASCADE; CREATE USER crdir02 IDENTIFIED BY crdir02; GRANT connect, resource TO crdir02; GRANT public TO crdir02; CREATE OR REPLACE DIRECTORY public_access AS '/tmp/public_access'; GRANT read, write ON DIRECTORY public_access TO public; CONNECT crdir02/crdir02; DECLARE f1 UTL_FILE.FILE_TYPE; BEGIN f1 := UTL_FILE.FOPEN('PUBLIC_ACCESS','exists.dat','w'); UTL_FILE.FCLOSE(f1); END; /

About the Author

Jeffrey Hunter is an Oracle Certified Professional, Java Development Certified Professional, Author, and an Oracle ACE. Jeff currently works as a Senior Database Administrator for The DBA Zone, Inc. located in Pittsburgh, Pennsylvania. His work includes advanced performance tuning, Java and PL/SQL programming, developing high availability solutions, capacity planning, database security, and physical / logical database design in a UNIX / Linux server environment. Jeff's other interests include mathematical encryption theory, tutoring advanced mathematics, programming language processors (compilers and interpreters) in Java and C, LDAP, writing web-based database administration tools, and of course Linux. He has been a Sr. Database Administrator and Software Engineer for over 20 years and maintains his own website site at: http://www.iDevelopment.info. Jeff graduated from Stanislaus State University in Turlock, California, with a Bachelor's degree in Computer Science and Mathematics.



Copyright (c) 1998-2017 Jeffrey M. Hunter. All rights reserved.

All articles, scripts and material located at the Internet address of http://www.idevelopment.info is the copyright of Jeffrey M. Hunter and is protected under copyright laws of the United States. This document may not be hosted on any other site without my express, prior, written permission. Application to host any of the material elsewhere can be made by contacting me at jhunter@idevelopment.info.

I have made every effort and taken great care in making sure that the material included on my web site is technically accurate, but I disclaim any and all responsibility for any loss, damage or destruction of data or any other property which may arise from relying on it. I will in no case be liable for any monetary damages arising from such loss, damage or destruction.

Last modified on
Friday, 17-Sep-2010 21:06:56 EDT
Page Count: 14281