Alternative to ALL FILES execute permission

Similar Messages

• Should deployed class files execute permission should be 755?

  im getting the following error
  Request URI:/OA_HTML/OA.jsp
  Exception:
  java.lang.ClassFormatError: adb/oracle/apps/xxtra/gtl/webui/XxtraGtlInquiryCO (Illegal constant pool type)

  Although there should be execute permissions on the class file, this issue is not because of file permission.
  There is a JDK bug (http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=4165020) for applet classloader.
  For us (since we are not trying to load an applet codebase), this could also be due to corrupted class file.
  upload the file in binary mode , bounce server and retry.
  Tapash

• ColdFusion 11 on RHEL, All Files in cfusion/bin are NOT executable.

  Installed CF11 on RHEL and all the files in cfusion/bin are set to rw instead of rwx. I've tried both an upgrade install from CF9 and a fresh, clean install after removing CF9. No change. I've also tried both the prod an prod-secure profiles. How do I get around this? I see nothing related to this in documentation for the Linux installer.

  RESOLVED: The CF installer writes a shell script into /tmp and tries to execute at the end of the install. For us, due to server lockdown for PCI DSS, we set the noexec or umask on certain file systems, so the shell script never executed. Remounted /tmp with execute permission until the installation and setup was done. Also had to update the cf_home directory group and user owner as it was mixed between root and the provided runtime user.

• All reports not working, with execute permission denied error.

  Operations manager 2012 R2,
  all reports stopped working. Then i open report and click "add object" or "add group" i get error:
  Note:  The following information was gathered when the operation was attempted.  The information may appear cryptic but provides context for the error.  The application will continue to run.
  The EXECUTE permission was denied on the object 'ManagedEntityTypeGetBySystemName', database 'OperationsManagerDW', schema 'dbo'.
  In SQL  there is EXECUTE permission on object 'ManagedEntityTypeGetBySystemName'
  what esle can be wrong ?

  Take a look at
  this.
  Jonathan Almquist | SCOMskills, LLC (http://scomskills.com)

• Is there a quick way to get permission to read and write all files betweem my macs on my own ethernet network?

  I have a  desktop,mini(os10.5.8)and macbook pro(os10.7.2)
  etherneted together.
  I'd like to be able to read/write files without having to get permission
  in 'get info' each time..
  Is there an easy way do that?
  thanks
  d

  Hello,
  I have the same question, but I would also like to add:
  How can I create a new user on my laptop with IDENTICAL rights to all files as my main user?  Like above, without having to go in and change the info.
  Thank you
  MacBook Pro  with Lion

• EXECUTE permission denied on object 'xp_sqlagent_notify', database 'mssqlsystemresource', schema 'sys'.

  I'm trying to create a new subscriptions on an existing report and get the following error.
  An internal error occurred on the report server. See the error log for more details. (rsInternalError) Get Online Help
  Get Online Help
  EXECUTE permission denied on object 'xp_sqlagent_notify', database 'mssqlsystemresource', schema 'sys'.
  I ran the following that was suggested in http://forums.microsoft.com/MSDN/ShowPost.aspx?PostID=17774&SiteID=1. But still I get the same error. Do I need a reboot or restart of the services?
  The only log file information I can find contains the following.
  System.Web.Services.Protocols.SoapException: System.Web.Services.Protocols.SoapException: An internal error occurred on the report server. See the error log for more details. ---> Microsoft.ReportingServices.Diagnostics.Utilities.InternalCatalogException: An internal error occurred on the report server. See the error log for more details. ---> System.Data.SqlClient.SqlException: EXECUTE permission denied on object 'xp_sqlagent_notify', database 'mssqlsystemresource', schema 'sys'.
     --- End of inner exception stack trace ---
     at Microsoft.ReportingServices.WebServer.ReportingService2005.ListSchedules(Schedule[]& Schedules)
     at System.Web.Services.Protocols.SoapHttpClientProtocol.ReadResponse(SoapClientMessage message, WebResponse response, Stream responseStream, Boolean asyncCall)
     at System.Web.Services.Protocols.SoapHttpClientProtocol.Invoke(String methodName, Object[] parameters)
     at Microsoft.SqlServer.ReportingServices2005.ReportingService2005.ListSchedules()
     at Microsoft.SqlServer.ReportingServices2005.RSConnection.ListSchedules()
     at Microsoft.ReportingServices.UI.SharedScheduleDropDown.EnsureSchedulesAreLoaded()
     at Microsoft.ReportingServices.UI.SharedScheduleDropDown.SharedScheduleDropDown_Load(Object sender, EventArgs e)
     at System.Web.UI.Control.OnLoad(EventArgs e)
     at System.Web.UI.Control.LoadRecursive()
     at System.Web.UI.Control.LoadRecursive()
     at System.Web.UI.Control.LoadRecursive()
     at System.Web.UI.Control.LoadRecursive()
     at System.Web.UI.Control.LoadRecursive()
     at System.Web.UI.Control.LoadRecursive()
     at System.Web.UI.Control.LoadRecursive()
     at System.Web.UI.Control.LoadRecursive()
     at System.Web.UI.Control.LoadRecursive()
     at System.Web.UI.Control.LoadRecursive()
     at System.Web.UI.Control.LoadRecursive()
     at System.Web.UI.Control.LoadRecursive()
     at System.Web.UI.Control.LoadRecursive()
     at System.Web.UI.Control.LoadRecursive()
     at System.Web.UI.Control.LoadRecursive()
     at System.Web.UI.Control.LoadRecursive()
     at System.Web.UI.Control.LoadRecursive()
     at System.Web.UI.Control.LoadRecursive()
     at System.Web.UI.Control.LoadRecursive()
     at System.Web.UI.Control.LoadRecursive()
     at System.Web.UI.Control.LoadRecursive()
     at System.Web.UI.Control.LoadRecursive()
     at System.Web.UI.Control.LoadRecursive()
     at System.Web.UI.Control.LoadRecursive()
     at System.Web.UI.Control.LoadRecursive()
     at System.Web.UI.Control.LoadRecursive()
     at System.Web.UI.Control.LoadRecursive()
     at System.Web.UI.Control.LoadRecursive()
     at System.Web.UI.Control.LoadRecursive()
     at System.Web.UI.Control.LoadRecursive()
     at System.Web.UI.Control.LoadRecursive()
     at System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint)
  aspnet_wp!ui!1!17/10/2006-08:44:26:: e ERROR: Exception in ShowErrorPage: System.Threading.ThreadAbortException: Thread was being aborted.
     at System.Threading.Thread.AbortInternal()
     at System.Threading.Thread.Abort(Object stateInfo)
     at System.Web.HttpResponse.End()
     at System.Web.HttpServerUtility.Transfer(String path, Boolean preserveForm)
     at Microsoft.ReportingServices.UI.ReportingPage.ShowErrorPage(String errMsg) at    at System.Threading.Thread.AbortInternal()
     at System.Threading.Thread.Abort(Object stateInfo)
     at System.Web.HttpResponse.End()
     at System.Web.HttpServerUtility.Transfer(String path, Boolean preserveForm)
     at Microsoft.ReportingServices.UI.ReportingPage.ShowErrorPage(String errMsg)
  aspnet_wp!extensionfactory!e!17/10/2006-09:35:13:: w WARN: The extension Report Server Email does not have a LocalizedNameAttribute.
  aspnet_wp!extensionfactory!e!17/10/2006-09:35:13:: w WARN: The extension Report Server FileShare does not have a LocalizedNameAttribute.
  aspnet_wp!ui!e!17/10/2006-09:35:13:: e ERROR: System.Web.Services.Protocols.SoapException: An internal error occurred on the report server. See the error log for more details. ---> Microsoft.ReportingServices.Diagnostics.Utilities.InternalCatalogException: An internal error occurred on the report server. See the error log for more details. ---> System.Data.SqlClient.SqlException: EXECUTE permission denied on object 'xp_sqlagent_notify', database 'mssqlsystemresource', schema 'sys'.
     --- End of inner exception stack trace ---
     at Microsoft.ReportingServices.WebServer.ReportingService2005.ListSchedules(Schedule[]& Schedules)
  aspnet_wp!ui!e!17/10/2006-09:35:13:: e ERROR: HTTP status code --> 200
  I cannot find any other error log.
  Can anybody help?
  Tuesday, October 17, 2006 8:49 AM
  Reply
  |
  Quote
  All replies
  0
  Sign in to vote
  Sorry for the late reply. Try this: http://forums.microsoft.com/MSDN/ShowPost.aspx?PostID=662319&SiteID=1
  Thursday, November 16, 2006 2:51 AM
  Reply
  |
  Quote
  Answerer
  0
  Sign in to vote
  GRANT EXECUTE ON master.dbo.xp_sqlagent_notify TO RSExecRole
  GO
  solved my problem.
  Proposed as answer by
  Christopher D. Stover
  Monday, September 16, 2013 6:52 PM
  Monday, September 16, 2013 6:51 PM
  Reply
  |
  Quote
  0
  Sign in to vote
  Tried that but no joy. Found this post on SQLServerCentral, solved our issue which mimic's the posters issue.  Just adding here as this is the first result in our search.
  Look for Topic452669-150-1
  There are a number of places I found with the information in the following
  link:
  http://phew-meme.blogspot.com/2007/10/reporting-service-on-report.html
  In
  my specific case, the RsExecRole role in both the "master" and "msdb" databases
  had had both the "NT Authority\Network Service" and "NTAuthority\System" logins
  removed from its members (the RSExecRole had had all its members removed by
  someone doing some maintenance). I compared another Reporting Services
  installation on another server after reading information in the above
  link.
  Steps:
  1. In Mangement Studio connect to the SQL Server instance
  on which Reporting Services runs.
  2. Databases > system Databases
  3.
  master > Security > Roles > RSExecRole (then add whatever logins are
  required... check in the ReportServer or ReportServerTempDB databases if you're
  not sure)
  4. msdb > Security > Roles > RSExecRole (add the same
  logins you did to the master DB)
  In the end you need the same logins in
  RSExecRole role for the master, msdb, ReportServer, and ReportServerTempDB
  databases. ("ReportServer" is the default Reporting Services database name, in
  case that's not clear ;)
  Monday, March 31, 2014 1:24 PM
  Reply
  |
  Quote
  if (!$.Microsoft) $.Microsoft = {};
  if (!$.Microsoft.Mtps) $.Microsoft.Mtps = {};
  if (!$.Microsoft.Mtps.NetReflectorInit)
  $.Microsoft.Mtps.NetReflectorInit = {
  surveyUrl: 'http://support.microsoft.com/common/survey.aspx?scid=sw%3ben%3b3763&altstyle=narrow&renderoption=overridedefault&theme=tech&url=http://social.technet.microsoft.com/Forums/en-US/3fcc7b54-ce84-48c2-9004-baaac07f2515/execute-permission-denied-on-object-xpsqlagentnotify-database-mssqlsystemresource-schema?forum=sqlreportingservices&P0=055ccfc1-78f5-46ff-8171-33f8ff760a7c',
  throttleRate: "5.00",
  privacyStatementText: "Privacy statement",
  trackerWindowText: "Please do not close this window.Thank you! The survey will appear here when you've completed your visit, so please do not close this window.",
  logoUrl: 'https://www.microsoft.com/library/svy/sto/technet_logo.gif',
  closeButtonUrl: 'https://www.microsoft.com/library/svy/sto/technet-close.gif',
  topBarUrl: 'https://www.microsoft.com/library/svy/sto/top-stripe.gif',
  bottomBarUrl: 'https://www.microsoft.com/library/svy/sto/bottom-stripe.gif',
  blankPage: 'https://social.technet.microsoft.com/forums/blank.htm',
  showSurveyToComscoreUser: 'no'
  setTimeout("Forums.loadScript('https://i1.social.s-msft.com/Forums/resources/NetReflector/NetReflector.js?cver=0%0d%0a')", 1000);
  Microsoft is conducting an online survey to understand your opinion of the Technet Web site. If you choose to participate, the online survey will be presented to you when you leave the Technet Web site.
  Would you like to participate?
  Privacy statement
  © 2015 Microsoft. All rights reserved.
  Newsletter|Contact Us|Privacy Statement|Terms of Use|Trademarks|Site Feedback
  TechNet
  Products
  IT Resources
  Downloads
  Training
  Support
  Products
  Windows
  Windows Server
  System Center
  Internet Explorer
  Office
  Office 365
  Exchange Server
  SQL Server
  SharePoint Products
  Lync
  See all products »
  Resources
  Curah! curation service
  Evaluation Center
  Learning Resources
  Microsoft Tech Companion App
  Microsoft Technical Communities
  Microsoft Virtual Academy
  Script Center
  Server and Tools Blogs
  TechNet Blogs
  TechNet Flash Newsletter
  TechNet Gallery
  TechNet Library
  TechNet Magazine
  TechNet Subscriptions
  TechNet Video
  TechNet Wiki
  Windows Sysinternals
  Virtual Labs
  Solutions
  Networking
  Cloud and Datacenter
  Security
  Virtualization
  Updates
  Service Packs
  Security Bulletins
  Microsoft Update
  Trials
  Windows Server 2012 R2
  System Center 2012 R2
  Microsoft SQL Server 2012 SP1
  Windows 8.1 Enterprise
  See all trials »
  Related Sites
  Microsoft Download Center
  TechNet Evaluation Center
  Drivers
  Windows Sysinternals
  TechNet Gallery
  Training
  Training Catalog
  Class Locator
  Microsoft Virtual Academy
  Free Windows Server 2012 courses
  Free Windows 8 courses
  SQL Server training
  e-Learning overview
  Certifications
  Certification overview
  MCSA: Windows 8
  Windows Server Certification (MCSE)
  Private Cloud Certification (MCSE)
  SQL Server Certification (MCSE)
  Other resources
  TechNet Events
  Second shot for certification
  Born To Learn blog
  Find technical communities in your area
  Support options
  For small and midsize businesses
  For enterprises
  For developers
  For IT professionals
  From partners
  For technical support
  Support offerings
  For home users
  More support
  Microsoft Premier Online
  Microsoft Fix It Center
  TechNet Forums
  MSDN Forums
  Security Bulletins & Advisories
  International support solutions
  Log a support ticket
  Not an IT pro?
  Microsoft Customer Support
  Microsoft Community Forums
  var railItems = ["/Forums/en-US/rightrailannouncement/Technet/1794d07f-9d4e-4dc0-8c1c-8bfe9d5e0bce"];
  var pageData = {"validUser":false,"autoSubscribe":false};
  var userEmailConfigured = false;
  $(document).ready(function () {
  Forums.ThreadPage.wirePageElements('Search forum questions');

  Tried that but no joy. Found this post on SQLServerCentral, solved our issue which mimic's the posters issue.  Just adding here as this is the first result in our search.
  Look for Topic452669-150-1
  There are a number of places I found with the information in the following
  link:
  http://phew-meme.blogspot.com/2007/10/reporting-service-on-report.html
  In
  my specific case, the RsExecRole role in both the "master" and "msdb" databases
  had had both the "NT Authority\Network Service" and "NTAuthority\System" logins
  removed from its members (the RSExecRole had had all its members removed by
  someone doing some maintenance). I compared another Reporting Services
  installation on another server after reading information in the above
  link.
  Steps:
  1. In Mangement Studio connect to the SQL Server instance
  on which Reporting Services runs.
  2. Databases > system Databases
  3.
  master > Security > Roles > RSExecRole (then add whatever logins are
  required... check in the ReportServer or ReportServerTempDB databases if you're
  not sure)
  4. msdb > Security > Roles > RSExecRole (add the same
  logins you did to the master DB)
  In the end you need the same logins in
  RSExecRole role for the master, msdb, ReportServer, and ReportServerTempDB
  databases. ("ReportServer" is the default Reporting Services database name, in
  case that's not clear ;)

• Weird file renaming permission issues

  Hi!
  We have a file rename permission issue. Here is the background:
  We created a 2008 R2 DFS namespace called UserData with Read/write share permissions for Administrators, Everyone and System. UserData has been granted NTFS permissions as follows:
  Everyone (This folder only): Traverse folder / Execute files, List folder / Read data, Read attributes, Create folders / Append data
  CREATOR OWNER (Subfolders and files only): Full control
  SYSTEM (This folder, subfolders and files): Full control
  Domain Admins (This folder, subfolders and files)
  We then enabled folder redirection for users My documents folder through GPO, setting the following:
  Setting: Basic - Redirect everyones folder to the same location
  Target folder: Create a folder for each user under the root path
  \\domain\UserData
  We also unchecked Grant the user exlusive rights to documents.
  So, now to the really weird behaviour. We logged on to a Windows 7 (x64) client computer with a user who gets this GPO settings and that is not local administrator on the client. The folder is redirected as expected and we can create, delete and write to
  files in anyway we want. We can also rename files if we choose an entirely different name and if we choose a longer or a shorter file name,
  but we cannot rename the file to something with the same letters but different casing.
  Examples of what will work:
  "test" to "testing"
  "test" to "cool"
  "test" to "COOL"
  Examples of what will NOT work:
  "test" to "Test"
  "test" to "tesT"
  "test" to "TEST"
  We the get this error: "File Access Denied. You need permission to perform this action. You require permission from S-1-5-21-220..... to make changes to this file."
  Eventhough I'm pretty sure the share and NTFS permissions of the share are correctly set we have of course checked all the permissions when logged in and the user has Full NTFS control and Read/Write Share permissions.
  We have encountered the same problem on a customer company as well, with a different domain with no links to our domain what so ever. I have also seen similar problems from other people when trying to find the answer on internet. Here is an example:
  http://social.technet.microsoft.com/Forums/en/w7itprosecurity/thread/35ced5bb-ab13-4e28-8c48-7c68ce0b775c
  Anyone have any thoughts?
  /Leyan

  Resent discoveries:
  If I log onto a Windows 7 (x86) Enterprise I face the same Issues.
  If the same user logs on to one of the DFS servers holding the namespace and accesses his folder we experience
  no problems renaming files.
  Customer company states that all is working fine when user logs on to a Windows XP with SP3.
  /Leyan

• The purpose of the executable permission

  Hi,
  What is the purpose behind the execute permission of Unix? Because if you can read it, you can always find a way to execute it anyway.
  The read and write are pretty obvious.
  If you can read a file, even if its execute permission isn't set and you don't have the rights to change the file permissions, you just copy it to your own machine, make it executable, and run it.
  What does execute even mean? If it's Brainfuck code, then with read permissions your typical Brainfuck interpreter can execute it, no execute permission needed. Isn't running a Turing complete esoteric programming language considered executing? Or displaying an HTML file with JavaScript code in it...
  There's probably something behind the execute permission that I don't know. The only way I come into contact with this permission, is in an annoying way: to enable it because it wasn't enabled already while I want to run it. What good (security) purpose does it serve in practice?
  Thanks!

  It isn't solely about security. You can execute anything you can read, it's always been this way.
  s1gma is right in that it 'helps' shells etc. figure out what to execute
  The 2 security aspects I can think of are:
  a) You want an executable to be setuid for some user, but you only want people from a specific group to be able to execute it as setuid.
  They can still execute it by copying, but the setuid flag gets lost, so they'll be executing it as themselves, rather than the user who owned the original file.
  b) Help against "accidental" execution.
  For instance, a good reason to mount something 'noexec' is because it might contain binaries from other machines, where you don't know what's going on.
  So if you want to execute, you want to specifically get a snapshot of the file at your machine, then check if it's really what you want (sha1/md5 sum etc), then finally execute it - most likely by setting the execute permission, then running it.
  Another use for it - in a completely different manner - is for example an init script directory, like you have it in slackware (or at least when I used slackware it worked that way).
  Where all init scripts you wanted to start at boot time where simply marked executable, and the others you had to execute by hand using a shell (sh /etc/rc.d/foo start or whatever it used to be.)
  Last edited by Blµb (2012-03-24 20:09:10)

• Setting file execute permissions--a somewhat arcane question.

  As I've been learning Unix, I'm often impressed by the logic and efficiency of certain features, so when I find things that don't fit this pattern, it really makes me wonder.
  This particular example isn't so much about the design of permissions as it is about the way administrators--even competent ones--use them.
  A case in point:
  -rwxr-xr-x 1 root wheel 5099 Dec 7 2006 /usr/sbin/apachectl
  This means that the file belongs to root, and root can do anything (s)he wants to it--read, write and execute.
  Furthermore, anyone who belongs to the group, wheel (which, correct me if I'm wrong here, is pretty generally confined to root) can read and execute it. They can't write to it because, presumably, you don't want just any old wheel coming along and changing this file, although they may read it, which might be a good thing to do before they execute it.
  Finally, other, that is, any old user, can execute the file, but they can't write to it, and they can't even read it. (Incidentally, why would you want to prevent someone from reading a file that you're allowing them to execute? Element of surprise? But that's not my real question.)
  My real question involves the following: try logging on as anyone other than root and running that file. If Apache is running, try to stop it. It will tell you it isn't running. That's a lie. Okay, maybe an honest mistake, but it isn't true. Now try to start it. It doesn't have to be stopped; you'll get the same error either way: "fopen: Permission denied," it says, "httpd: could not open error log file /private/var/log/httpd/error_log."
  I seem to run into this a lot. A file that I have permission to execute produces an error message when I try to run it because it tries to do something that I don't have permission to do. So why do I have permission to execute the file in the first place?
  Okay, maybe there are some useful things I can do with apachectl, like configtest, that don't require me to be root. Like if I'm editing the httpd.conf file, I can check it with configtest, and then when it's ready I can go get an administrator to restart apache, or something like that. Except for the fact that I can't edit httpd.conf because I only have read access to that file. But maybe there are some imaginable scenarios where it might make sense.
  But there are other files that you simply can't do a darned thing with, yet which still allow you to execute them and be chastised for your lowly permission status. Not only that, but it's a relatively simple matter to construct a script in such a way that it will check to see who is executing it, while it's processing directives, and return an appropriate error message, e.g. "Sorry, 'stop' and 'start' can only be performed by root," instead of allowing some downstream process to do its dirty work. Incidentally, allowing errors to be returned from downstream processes gives unprivileged users some insight into what the script does, which, presumably, is part of what they're trying to prevent by not allowing them to read the script!
  If anyone can shed any light on why things are so often done this way, I'd appreciate it. If not, I guess this is just my Unix rant for the the week.
  Disclaimer: I don't hate Unix. I really like it a lot, in spite of its quirks. No one is perfect; not even me! And don't even get me started on "Windows."

  David Livesay wrote:
  Perhaps you just don't know all the details of that particular application.
  Please fill me in on the details I'm missing. That's why I posted this question.
  I will try. But it is easier to explain why "programs in general" behave a certain way than why a "particular" program might behave a certain way. In particulars, I'm likely to be wrong. In generalities, I'll be more correct.
  The default log location is in a directory that you cannot write to. However, this doesn't have to be the case. It could be anywhere.
  Yes, and the permissions could be anything, but for the current location, the permissions don't make sense. You should always write a script for the situation that exists, assuming anyone who had a reason to move the log file would also have permission to change the file permissions accordingly. It doesn't make sense to set permissions according to what someone might do at some future time.
  Sure it does. To use your apachectl example, Apache can be setup to put its log files anywhere on the system. It can be setup to use any particular user. It is one of the most configurable programs there is. It is "owned" by root so that it can't be messed with. It is "run" by nobody or www, so that, if it is compromised, it won't cause (much) damage. On Unix, there is no way to specify that a program is owned by one particular user and run by another particular user (well, maybe with ACL). For this program, the executable could be owned by www, but, since that user is configurable, that wouldn't make any sense. Plus, user ids are specific to each machine, only root is always uid 0. Plus, it is common practice for various reasons to start up as one user and either promote/demote to a different user. Plus, there are at least a dozen other process and daemon specific details that I'm ignoring. I'm trying to make it as short and sweet as possible.
  There are only a few programs that only root should be able to run.
  Please elaborate. Would this include apachectl in your view? If not, what reason would someone else have for running it when it is just going to fail? And remember, if you're going to say they can move the log file, I'm going to reassert that if they can do that then they can change the permissions accordingly.
  I don't know the low-level details about apachectl in particular. Usually, any daemon or daemon related program can only be started by root, but is actually run as a different user. And while I say "only", that is not true. It is more correct to say "should". Everything is configurable! I might want to test out Apache 3.0, for example. I will have it configured to run as a regular user instead of root, because I am debugging it.
  Usually, it is only very low-level, hardware programs (like fsck) that can only be run as root.
  Many have world execute permission explicitly so anyone can run it. That anyone may be a user who have no privileges at all (such as nobody or www) so that if something it gets hacked, the script kiddie only gets access to nobody's files. Usually, that "anyone" is one of these specific users. That log file is probably owned by and is restricted to that user.
  I don't quite follow you. If "anyone" can run it, that would include root. If someone is trying to hack a system, and can choose whether to run a script as root or an impotent user, why would they choose to run it as an impotent user? If they can only do damage by running a given executable as root, they're going to run it as root, whether or not anyone else has permission to run it.
  You can't choose who to run a program as (unless you are root). A program is owned by whomever owns it. It is run by whomever is logged in. Apache, for example, runs "as" www. If hacked, all they can do is deface your web page, they can't bring down the server or compromise it in any other way. That is also why you shouln't even have root enabled on your system and why you should say in su or sudo mode for very long.

• RunInstaller Execute permission denied

  Hi.
  I downloaded the SW of ORACLE 9.2.0 from the web. I did all the steps to uncompress these 3 files (gunzip and cpio). But when I try to execute RunInstaller I've got the following error:
  ./runInstaller: ./runInstaller: Execute permission denied.
  But the permissions are 777 in all the directories and all the files that are inside the directories. The owner is correct (oracle:dba)
  My server is HPUX-11.00
  Sometime, when you mount the CD but with the wrong options you have the same problem, but this time, y download the files from the web.
  ¿Anybody knows who can I solve this error?

  Yes I have the ROOT in the server and I run the runInstaler with the oracle user and dba group but doesn't work. I run (to check the file) with root user but the same problem.

• Checking Executable Permission for Group

  Hi All,
  Is there a command to check if a file has executable permission for group? I am aware that it can be checked looking at permissions using "ls". But, if the same functionality is implemented in a shell script, is there a command to achieve this? For example, "find" commad with "-perm" option...
  Thanks in advance

  There are several ways to accomplish the task if you want to check a specific file.
  For instance:
  $ touch testfile1
  $ touch testfile2
  $ chmod 740 testfile1
  $ chmod 750 testfile2
  $ ls -l testfile?
  -rwxr-----. 1 dude dude 0 May 13 11:51 testfile1
  -rwxr-x---. 1 dude dude 0 May 13 11:51 testfile2
  $ [ $(ls -l testfile1 | cut -c 7 | grep x ) ] && echo "yes" || echo "no"
  no
  $ [ $(ls -l testfile2 | cut -c 7 | grep x ) ] && echo "yes" || echo "no"
  yes

• Error File.createTempFile permission to delete has not been granted

  Hi,
  I am new in Java. I wrote something easy like this:
  public class Utils {
  public static String createMyTempFile() {
  String result = "";
  try {
  File file = File.createTempFile("test",".txt");
  file.deleteOnExit();
  catch(Exception e){
  result = e.getMessage();
  return result;
  But appear the next error message:
  "Unable to create temporary file"
  But i run the same script with SYS user theres no problem, asume is a permission problem, but i dont know which permissions or how can i grant it.
  Thank you

  Grant Privileges
  The relevant permissions must be granted from SYS for JServer to access the file system:
  EXEC DBMS_JAVA.grant_permission('SCHEMA-NAME', 'java.io.FilePermission', '<<ALL FILES>>', 'read ,write, execute, delete');
  EXEC DBMS_JAVA.grant_permission('SCHEMA-NAME', 'SYS:java.lang.RuntimePermission', 'writeFileDescriptor', '');
  EXEC DBMS_JAVA.grant_permission('SCHEMA-NAME', 'SYS:java.lang.RuntimePermission', 'readFileDescriptor', '');
  GRANT JAVAUSERPRIV TO SCHEMA-NAME;
  The affects of the grant will not be noticed until the grantee reconnects. It is up to the individual to decide on the level of access that is required.
  Depending on the documentation used, you may be told to add the directories you intend to access to your UTL_FILE_DIR parameter in the Init.ora file. I have not found this to be necessary when using the Java approach.

• Multiple devices on same account - how to transfer ALL files in one place?

  Hi,
  I am using my Apple ID on 5 apple devices, incl. 2 laptops and Mac. Need to migrate all files to one computer for syncing with iPhone and cut out some devices, but...
  Question 1:  How I can move ALL my music files from old MB Pro (runs Mac OS X 10.5.8) with iTunes 10 to Mac (runs Mac OS X 10.9.2) with iTunes 11.1.5?
  Note, this includes songs purchased outside of iTunes and burnt from CDs. Is it possible to somehow easily identify the songs that are missing on Mac and copy just them from the old computer, but without manually comparing? For now for whatever reason Mac only has 401 songs vs my old MB Pro has 1670+ songs. So, please suggest how to make the import on the missing songs to Mac as efficient as possible.
  Question 2: How do I deauthorize the device once I copy my old music to Mac? Currently only see the button "Deathorize All" in iTunes on Mac. What if I want to choose which computers I still want to be able to stay on the same Apple ID in iTunes?
  Thanks a lot!!

  Decide which Mac is your primary. On the Mac that is not the primary - create a folder on the desktop - drag all the tunes from iTunes into that folder - copy that folder to an ext HD or a memory stick.
  Plug into the primary Mac and tell iTunes to import all the tunes from the folder.
  iTunes has good sort options so it won't take long to get rid of the duplicates using the Show Duplicates from the View dropdown menu.
  An alternative would be to check at http://dougscripts.com/itunes/ and see if there is a script that will take care of what you want.
  MJ

• Sharepoint foundation 2010, All Files missing

  I'm using SharePoint designer 2010 with SharePoint Foundation and I'm trying to rename a URL of a list. I saw online that I can do this under All Files, but I don't have that available. Is this a limitation of using Foundation? Or are there some permission
  settings I might need to change?

  Hi ,
  I have a test on my machine :rename the list name under the All Files folder can change the url of the list .
  1.      
  As for the All files folder ,you can set it to appear in Central Administration :General Application settings>Configure SharePoint Designer settings>Enable Managing the
  web site URL structure .This will allow the All Files to show up .
  2.      
  You can also configure it in site collection level :Choose Site Actions>Site Settings>SharePoint designer settings .In addition ,only the site administrators can see
  the All Files folder .
  Thanks,

• Script to search all files in specified folder for multiple string text values listed in a source file and output each match to one single results txt file

  I have been searching high and low for this one.  I have a vbscript that can successfully perform the function if one file is listed.  It does a Wscript.echo on the results and if I run this via command using cscript, I can output to a text file
  that way.  However, I cannot seem to get it to work properly if I want it to search ALL the files in the folder.  At one point, I was able to have it create the output file and appear as if it worked, but it never showed any results when the script
  was executed and folder was scanned.  So I am going back to the drawing board and starting from the beginning.
  I also have a txt file that contains the list of string text entries I would like it to search for.  Just for testing, I placed 4 lines of sample text and one single matching text in various target files and nothing comes back.  The current script
  I use for each file has been executed with a few hundred string text lines I want it to search against to well over one thousand.  It might take awhile, but it works every time. The purpose is to let this run against various log files in a folder and
  let it search.  There is no deleting, moving, changing of either the target folder/files to run against, nor of the file that contains the strings to search for.  It is a search (read) only function, going thru the entire contents of the folder and
  when done, performs the loop function and onto the next file to repeat the process until all files are searched.  When completed, instead of running a cscript to execute the script and outputting the results to text, I am trying to create that as part
  of the overall script.  Saving yet another step for me to do.
  My current script is set to append to the same results file and will echo [name of file I am searching]:  No errors found.  Otherwise, the
  output shows the filename and the string text that matched.  Because the results append to it, I can only run the script against each file separately or create individual output names.  I would rather not do that if I could include it all in one.
   This would also free me from babysitting it and running each file script separately upon the other's completion.  I can continue with my job and come back later and view the completed report all in one.  So
  if I could perform this on an entire folder, then I would want the entries to include the filename, the line number that the match occurred on in that file and the string text that was matched (each occurrence).  I don't want the entire line to be listed
  where the error was, just the match itself.
  Example:  (In the event this doesn't display correctly below, each match, it's corresponding filename and line number all go together on the same line.  It somehow posted the example jumbled when I listed it) 
  File1.txt Line 54 
  Job terminated unexpectedly
   File1.txt Line 58 Process not completed
  File1.txt
  Line 101 User input not provided
  File1.txt
  Line 105  Process not completed
  File2.txt
  No errors found
  File3.txt
  Line 35 No tape media found
  File3.txt
  Line 156 Bad surface media
  File3.txt Line 188
  Process terminated
  Those are just random fake examples for this post.
  This allows me to perform analysis on a set of files for various projects I am doing.  Later on, when the entire search is completed, I can go back to the results file and look and see what files had items I wish to follow up on.  Therefore, the
  line number that each match was found on will allow me to see the big picture of what was going on when the entry was logged.
  I actually import the results file into a spreadsheet, where further information is stored regarding each individual text string I am using.  Very useful.
  If you know how I can successfully achieve this in one script, please share.  I have seen plenty of posts out there where people have requested all different aspects of it, but I have yet to see it all put together in one and work successfully.
  Thanks for helping.

  I'm sorry.  I was so consumed in locating the issue that I completely overlooked posting what exactly I was needing  help with.   I did have one created, but I came across one that seemed more organized than what I originally created.  Later
  on I would learn that I had an error in log location on my original script and therefore thought it wasn't working properly.  Now that I am thinking that I am pretty close to achieving what I want with this one, I am just going to stick with it.
  However, I could still use help on it.  I am not sure what I did not set correctly or perhaps overlooking as a typing error that my very last line of this throws an "Expected Statement" error.  If I end with End, then it still gives same
  results.
  So to give credit where I located this:
  http://vbscriptwmi.uw.hu/ch12lev1sec7.html
  I then adjusted it for what I was doing.
  What this does does is it searches thru log files in a directory you specify when prompted.  It looks for words that are contained in another file; objFile2, and outputs the results of all matching words in each of those log files to another file:  errors.log
  Once all files are scanned to the end, the objects are closed and then a message is echoed letting you know (whether there errors found or not), so you know the script has been completed.
  What I had hoped to achieve was an output to the errors.log (when matches were found) the file name, the line number that match was located on in that file and what was the actual string text (not the whole line) that matched.  That way, I can go directly
  to each instance for particular events if further analysis is needed later on.
  So I could use help on what statement should I be closing this with.  What event, events or error did I overlook that I keep getting prompted for that.  Any help would be appreciated.
  Option Explicit
  'Prompt user for the log file they want to search
  Dim varLogPath
  varLogPath = InputBox("Enter the complete path of the logs folder.")
  'Create filesystem object
  Dim oFSO
  Set oFSO = WScript.CreateObject("Scripting.FileSystemObject")
  'Creates the output file that will contain errors found during search
  Dim oTSOut
  Set oTSOut = oFSO.CreateTextFile("c:\Scripts\errors.log")
  'Loop through each file in the folder
  Dim oFile, varFoundNone
  VarFoundNone = True
  For Each oFile In oFSO.GetFolder(varLogPath).Files
      'Verifies files scanned are log files
      If LCase(Right(oFile.Name,3)) = "log" Then
          'Open the log file
          Dim oTS
          oTS = oFSO.OpenTextFile(oFile.Path)
          'Sets the file log that contains error list to look for
          Dim oFile2
          Set oFile2 = oFSO.OpenTextFile("c:\Scripts\livescan\lserrors.txt", ForReading)
          'Begin reading each line of the textstream
          Dim varLine
          Do Until oTS.AtEndOfStream
              varLine = oTS.ReadLine
              Set objRegEx = CreateObject("VBScript.RegExp")
              objRegEx.Global = True  
              Dim colMatches, strName, strText
              Do Until oErrors.AtEndOfStream
                  strName = oFile2.ReadLine
                  objRegEx.Pattern = ".{0,}" & strName & ".{0,}\n"
                  Set colMatches = objRegEx.Execute(varLine)  
                  If colMatches.Count > 0 Then
                      For Each strMatch in colMatches 
                          strText = strText & strMatch.Value
                          WScript.Echo "Errors found."
                          oTSOut.WriteLine oFile.Name, varLine.Line, varLine
                          VarFoundNone = False
                      Next
                  End If
              Loop
              oTS.Close
              oFile2.Close
              oTSOut.Close
              Exit Do
              If VarFoundNone = True Then
                  WScript.Echo "No errors found."
              Else
                  WScript.Echo "Errors found.  Check logfile for more info."
              End If
      End if