Pete Finnigan's Oracle Security Weblog

I saw with great interest the post by Wim titled http://www.orablogs.com/wim/archives/001483.html - (broken link) oracle express edition stating that a free version of Oracle has finally become available. Its called Oracle Express and is available from "http://www.oracle.com/technology/software/products/database/xe/index.html" and there is a news item about it on http://news.com.com/Oracle+to+offer+free+database/2100-1012_3-5920796.html?tag=nefd.top - (broken link) news.com. Basically its a free database that is pre-linked and is quite small 180MB, native installers, free redistributable, some restrictions, can use for production (accounting for the restrictions). It comes with HTMLDB pre-installed. This looks like a fantastic idea and great for small businesses.

Its a cut down 10g R2 and is available for Windows and Linux. Sergio has also talked about it in a post titled " http://www.orablogs.com/sergio/archives/001484.html - (broken link) Oracle Database 10g Express Edition Comes With HTML DB Pre-configured. Sergio's post includes some useful links to a tutorial and a getting started guide. Niall's post titled "Expressing ones self" is interesting as it includes some screen shots of it installed and running and also discusses some of the restrictions and also a comparison to the new SQL Server Express product (also free).

Howard in his post "Expressly Cold" is not totally impressed and on the whole and thinks Oracle Express will be a distraction. Also the one thing that filled me with fear is the lines in the comments at the bottom of this post from the getting started guide that says " Ensure that both CONNECT and RESOURCE are enabled.". Finally Steve points out in his post "Free Oracle 10g Express Edition" that JDeveloper 10g is a great resource for Java / J2EE development and free on Oracle Express.

I will download it after UKOUG and have a proper look from a security perspective.