ORMS Database Listener Configuration Allows any Externally Library can be Executed
(Doc ID 1321049.1)
Last updated on MAY 01, 2018
Applies to:Oracle Retail Merchandising System - Version 184.108.40.206 and later
Information in this document applies to any platform.
The database listener configuration as it is in appendix B in the Oracle Retail Merchandising System (ORMS) 13.1 installation guide raises a security risk as it allows that any externally library can be executed:
(SID_NAME = PLSExtProc)
(ORACLE_HOME = /opt/oracle/product/11.2.0)
(PROGRAM = extproc)
Is there any other way to restrict this and allow Deals / Orders forms this capability to work properly?
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!
In this Document