Wednesday, February 17, 2010

IAM 10.1.4 on Ubuntu

Starting off with a OID Repository, with is of the "Wrong Version" (Installed with REPCA 10.1.4 - trying to install 10.1.4...), now several wizards fail.

It starts with the Delegated Administration Service Configuration Wizard; Apache fails to start with:

Syntax error on line 1113 of /oracle/iam/Apache/Apache/conf/httpd.conf:
Cannot load /oracle/iam/Apache/Apache/libexec/ into server: /oracle/iam/Apache/Apache/libexec/ undefined symbol: dbm_fetch
and several others.
In spite of earlier actions, one needs to:
sudo apt-get install libdb1-compat

That still does not resolve everything - but at least I can use LDAP.

Friday, February 05, 2010

There's quite a leak in 11G

There's quite a security leak in Oracle 11G release 2. You are warned. No patch or workaround known (not installing Java - would that be an option?)
Found on c't (German magizine, see link in title), announced on the Black Hat conference by David Litchfield.


First line of defense: revoke all on DMBS_JAVA, DBMS_JAVA_TEST and DBMS_JVM_EXP_PERMS from PUBLIC.

Update 2

Here's a link to an English version of the original article. Note the "How-to" video is available (again).