http://www.vnunet.com/vnunet/news/2169225/microsoft-beats-oracle-security
Oracle vs. Microsoft
Microsoft has been doing a good job in the security arena, no doubt there. But this "<a href="http://www.databasesecurity.com/dbsec/comparison.pdf">report</a>" isn't in-depth enough to draw the conclusions it does.
Devi - so what do you think is deep enough?
A very interesting site, I think. The Idea of Technometry was new for me but worth to be read and thought abot it (although I'm not a native english-speaker and have some difficulties whith this language)
What's the point of having a "more secure" database server, when you can't run it on a really secured Operating System? Big amount of exploits are effectively rendered harmless by protections that are in present in Linux for years, but haven't been adopted my Microsoft until recently, or never. I'm talking about SSP or SELinux...
Does Oracle work with SELinux? I've never tried it! I know it took me about 6 months to get a working LAMP stack to work.
judging by "Oracle Database 10g Release 2 (10.2.0.1) Installation On Fedora Core 5 (FC5)" http://www.oracle-base.com/articles/10g/OracleDB10gR2InstallationOnFedora5.php
It looks like the answer is, "No."
>>SELINUX=disabled
Oracle currently works like a charm with SELinux. Fedora Core, which the article was for, is not an Oracle supported platform at all. Even Oracle leaves SELinux enabled (although in non-enforcing mode) in their operating system distribution.
Anyways, does Windows Vista provide anything comparable to SELinux or systrace or you believe that it is just unneeded? Or maybe planned for later releases?
And I feel sorry for you having to spend six months configuring a LAMP, as most GNU/Linux distributions would work for you out of box. Probably you shouldn't have picked Linux-From-Scratch as your first distro ;o)
Send me a link to info about SELinux and Oracle. Of course SELinux is 'non-enforcing' mode is kind of a no-op!!! no?!
We have integrity controls in Vista. IE runs in low integrity, and can therefore not write to higher-integrity level resources, such as the OS. Firefox will also use this eventually, as can any software that's a socket away from the 'net.
I just went to Oracle.com, and searched for SELinux. All I see are words like:
Page 1 of search results
SELinux=disabled
SELinux=0
Try turning SELinux OFF
Disable SELinux, and reinstall... see if that fixes Have you tried to disable selinux
Did you disable SELINUX? That's usually a problem area
Page 2 of search results
may be running into a problem with SELinux
disable SELinux, and reinstall
Have you tried to disable selinux?
SELInux and Firewalls are disabled, right?
SELinux turned off
If your SELinux is turned on - try turning it off
Did you disable SELINUX?
SELINUX=disabled and it works
I'm not gonna bother looking at the other pages! I get the hint at this stage.
That's too bad it took you 6 months to configure your LAMP stack--not sure if that's an exaggeration. I'll admit I took the same Do It Yourself approach my first time through several years ago; I wanted to know how it all fit together. These days I usually throw on a LAMP bundle that I can tweak afterwards however I need. Try XAMPP: http://www.apachefriends.org/en/xampp.html. There are probably several other good ones as well.
