Call: +44 (0)1904 557620 Call

Pete Finnigan's Oracle Security Weblog

This is the weblog for Pete Finnigan. Pete works in the area of Oracle security and he specialises in auditing Oracle databases for security issues. This weblog is aimed squarely at those interested in the security of their Oracle databases.

[Previous entry: "Ed Has another post in the catpatch.sql series"] [Next entry: "Use of Windows login details - single sign on for web applications"]

Further advice on catpatch.sql

I made a post here yesterday titled "Ed has another post in the catpatch.sql series" about Edward Stanglers comments in his blog about running catpatch.sql after upgrades. His latest post talked about the need to run catpatch.sql after creating a database with the DBCA. This was because the seed database files are created for 9iR2 at least with rather than

I got an email from Paul this morning making some comments on my post. Paul said that he always creates a database from scratch. He said that this gives him a warm fuzzy feeling as he then knows that the installed binaries and patches are in good shape. He follows, that he knows he doesn't need to re-patch or run catpatch.sql and also it puts the hardware through its paces. He also said he is not against cloning in general but he just doesn't start on a new database server.

I liked the title of Paulís email to me "catpatch and rm -rf /opt/oracle/product/10.1.0/db_1/assistants/dbca/templates/*.dfb" - It is good advice to delete the templates for many reasons that include space or security of the files as they can contain sensitive data.

Thanks for the email Paul and the good insights.