HSM: WORM_lite Files Can Be Overwritten
(Doc ID 2642106.1)
Last updated on MARCH 02, 2020
Applies to:Oracle Hierarchical Storage Manager (HSM) and StorageTek QFS Software - Version 5.4 and later
Information in this document applies to any platform.
Oracle HSM Write Once Read Many (WORM) file systems let you make files read-only and enforce retention for a specified period. The 'lite' implementations let root users shorten retention periods, delete files and directories, and delete volumes using the sammkfs command. Both standard and emulation modes have both a strict WORM implementation and a less restrictive 'lite' implementation, that relaxes some restrictions for root users. The lite implementations let root users shorten retention periods, delete files and directories, and delete volumes using the file-system creation command sammkfs.
However, an issue was found with the lite implementation where worm_lite files can be replaced/deleted/changed by any user and not just the root user.
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!
In this Document