CATS - Security

Similar Messages

• Problem with automatic database startup (dbora)

  I'm running Linux RHEL5 with 10g v2 database. For some reason the script fails to start the database. But when I logon as user Oracle, I can run dbstart ORCL and the database starts up fine. Below is what I see when the script runs. Not sure why the connection is refused. Thanks in advance for your help.
  Starting dbora: + ORACLE_HOME=/u01/app/oracle/product/10.2.0/db_1
  + ORACLE=oracle
  + PATH=/sbin:/usr/sbin:/bin:/usr/bin:/u01/app/oracle/product/10.2.0/db_1/bin
  ++ hostname
  + HOST=Linux10gVM.norris.intra
  ++ uname
  + PLATFORM=Linux
  + export ORACLE_HOME PATH
  + rsh Linux10gVM.norris.intra -l oracle /etc/rc5.d/S99dbora start ORCL
  Linux10gVM.norris.intra: Connection refused
  + pause ‘Press any key to continue...’
  + read ‘~p’ ‘Press any key to continue...’

  AHA...just as I expected!!!
  My automatic 11g1 start up and shutdown quit working in 3/2009
  after working for months!
  I suspected pam.d
  Here it is : http://blog.fourthirty.org/?cat=45
  #%PAM-1.0
  # For root login to succeed here with pam_securetty, "rsh" must be
  # listed in /etc/securetty.
  auth required pam_nologin.so
  auth required pam_securetty.so
  auth required pam_env.so
  # auth sufficient pam_rhosts.so
  auth sufficient pam_rhosts_auth.so
  account include system-auth
  session optional pam_keyinit.so force revoke
  session include system-auth
  session required pam_loginuid.so
  more www.ask.com search for "dbstart pam.d"
  LMKIII (root) ~ [999]>cd /var/log
  LMKIII (root) /var/log [1000]>cat secure
  Apr 17 18:43:57 LMKIII sshd[2176]: Server listening on 0.0.0.0 port 22.
  Apr 16 18:44:10 LMKIII rshd[2473]: PAM unable to dlopen(/lib/security/pam_rhosts_auth.so): /lib/security/pam_rhosts_auth.so: cannot open shared object file: No such file or directory
  Apr 16 18:44:10 LMKIII rshd[2473]: PAM adding faulty module: /lib/security/pam_rhosts_auth.so
  Apr 16 18:44:11 LMKIII rshd[2473]: pam_rhosts(rsh:auth): denied access to [email protected] as oracle
  Apr 16 18:44:11 LMKIII rshd[2473]: pam_unix(rsh:session): session opened for user oracle by (uid=0)
  Apr 16 18:45:11 LMKIII rshd[2473]: pam_unix(rsh:session): session closed for user oracle
  Apr 16 18:49:07 LMKIII kdm: :0[2881]: pam_unix(kdm:session): session opened for user oracle by (uid=0)
  Apr 16 18:50:41 LMKIII su: pam_unix(su-l:session): session opened for user root by oracle(uid=503)
  Apr 16 18:54:46 LMKIII su: pam_unix(su-l:session): session closed for user root
  Apr 16 18:54:49 LMKIII kdm: :0[2881]: pam_unix(kdm:session): session closed for user oracle
  Apr 16 18:55:01 LMKIII sshd[2176]: Received signal 15; terminating.
  Apr 16 18:56:55 LMKIII sshd[2171]: Server listening on 0.0.0.0 port 22.
  Apr 16 18:57:08 LMKIII rshd[2473]: PAM unable to dlopen(/lib/security/pam_rhosts_auth.so): /lib/security/pam_rhosts_auth.so: cannot open shared object file: No such file or directory
  Apr 16 18:57:08 LMKIII rshd[2473]: PAM adding faulty module: /lib/security/pam_rhosts_auth.so
  Apr 16 18:57:09 LMKIII rshd[2473]: pam_unix(rsh:session): session opened for user oracle by (uid=0)
  Apr 16 18:58:09 LMKIII rshd[2473]: pam_unix(rsh:session): session closed for user oracle
  Apr 16 18:59:26 LMKIII kdm: :0[2880]: pam_unix(kdm:session): session opened for user oracle by (uid=0)
  Apr 16 19:00:31 LMKIII su: pam_unix(su-l:session): session opened for user root by oracle(uid=503)
  Apr 16 19:01:50 LMKIII su: pam_unix(su-l:session): session closed for user root
  Apr 16 19:02:23 LMKIII su: pam_unix(su-l:session): session opened for user root by oracle(uid=503)
  Apr 16 20:48:14 LMKIII sshd[4117]: Address 194.80.134.6 maps to no-reverse-defined.ja.net, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!
  Apr 16 20:48:14 LMKIII sshd[4117]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=194.80.134.6 user=root
  Apr 16 20:48:16 LMKIII sshd[4117]: Failed password for root from 194.80.134.6 port 51090 ssh2
  Apr 16 20:48:16 LMKIII sshd[4120]: Connection closed by 194.80.134.6
  Apr 16 21:11:12 LMKIII sshd[4287]: Address 194.80.134.6 maps to no-reverse-defined.ja.net, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!
  Apr 16 21:11:12 LMKIII sshd[4287]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=194.80.134.6 user=root
  Apr 16 21:11:14 LMKIII sshd[4287]: Failed password for root from 194.80.134.6 port 53791 ssh2
  Apr 16 21:11:15 LMKIII sshd[4290]: Connection closed by 194.80.134.6
  Apr 16 21:28:54 LMKIII sshd[4383]: Address 194.80.134.6 maps to no-reverse-defined.ja.net, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!
  Apr 16 21:28:54 LMKIII sshd[4383]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=194.80.134.6 user=root
  Apr 16 21:28:55 LMKIII sshd[4383]: Failed password for root from 194.80.134.6 port 44904 ssh2
  Apr 16 21:28:56 LMKIII sshd[4386]: Connection closed by 194.80.134.6

• SAP XI support SFTP and FTPS?

  Hi Gurus,
    I would like to find out if SAP XI supports both SFTP and FTPS. If yes, how do I perform the configuration?
  Thanks in advance.

  Business Case:
  In many implementations Business requirement is to "secure" the file/data transfer between XI and any third-party system. So there is a need of secured connection between XI/PI and any file based third-party legacy systems.
  Following solutions are proposed to cater secure connection between XI/PI and any third party systems.
  1) SFTP (Secure File Transfer Protocol)
  "SSH File Transfer Protocol" or SFTP is a network protocol that provides file transfer and manipulation functionality over any reliable data stream. It is typically used with the SSH-2 protocol to provide secure file transfer. SFTP encrypts the session, preventing the casual detection of username, password or anything that is being transmitted. One key benefit to SFTP is its ability to handle multiple secure file transfers over a single encrypted pipe. By using a single encrypted pipe, there are fewer holes in the corporate firewall.
  2) FTPS (FTP over SSL)
  FTPS (FTP-SSL) is a real ftp that uses TSL/SSL to encrypt the control session and if required the data session. With FTPS, the control session is always encrypted, but the data session may not be always encrypted. FTPS is a file transport layer on top of SSL. SSL, or Secure Sockets Layer, is a method by which an encrypted u2018pipe' or tunnel is established between the FTP client and FTP server. Once the secure tunnel has been established (which is done using 128-bit encryption techniques), standard FTP is used to transfer data over the secure connection.
  Feasibility of SFTP and FTPS in XI:
  SFTP:
  As per the latest SAP PI/XI support pack, it does not support SFTP via File Adapter.
  So alternative approach to cater this requirement from XI is to make use of Unix Script at OS level to transfer the files from/to third-party systems.
  Inbound Interface - i.e. third-party system ->XI->SAP:
        File is transferred to a folder in SAP XI landscape from the third-party legacy system using UNIX Script with secured protocol. Once the file is ready in the XI landscape, File Adapter will poll this directory and file is picked up by NFS protocol.
  Outbound Interface u2013 i.e. SAP->XI->third-party system:
        XI is responsible for writing a file into a folder in the XI landscape. These files are transferred to the third-party system by executing UNIX scripts with secured protocol i.e. via sFTP.
  Pre-Requisites:
  Public key should be exchanged between external systems and the PI system.
  UNIX shell script has to be developed and scheduled.
  Advantages:
  Highly Secured.
  Ability to handle multiple secure file transfers over a single encrypted pipe .By using a single encrypted pipe, there are fewer holes in the corporate firewall.
  Disadvantages:
  Two-Step process i.e. XI>Temporary folder>External System and vice-versa
  Files have to be temporarily stored in XI server.
  Multiple failure points i.e. XI and Unix script execution
  Maintenance of an external UNIX script.
  Difficulty in monitoring the execution of the shell script as it cannot be monitored thru XI.
  Need to generate keys and install it in the SFTP site as a pre-requisite i.e. SFTP clients must install keys on the server.
  SFTP uses keys rather than certificates. This means that it can't take advantage of the "chains of trust" paradigm facilitated through Certificate Authorities.
  Files from the XI server should be deleted/archived in a periodic manner to increase the disc space so that it will increase the performance.
  Note: UNIX shell Script can be executed as a background job u2018or' can be triggered from SAP XI through OS command at File adapter level.
  FTPS (File Transfer Protocol Using SSL/TLS):
  This is a built-in feature of File adapter in XI. But SAP Java Cryptographic Toolkit must be deployed as a prerequisite. (Refer to note https://service.sap.com/sap/support/notes/821267 Question 28). By default following ports are used:
  Implict FTPs 990 (Control) and 989 (Data)
  Explicit FTPs 21 (Control) and 20 (Data)
  Both use cases can be combined with active and passive mode.
  Advantages:
  Direct transfer of files to/from third-party systems. It is not required to store the files in the XI server temporarily.
  Built-In feature from XI File adapter
  No extra effort in development and maintenance of Unix Script.
  Centralized Monitoring tool from XI
  FTPS uses certificates and therefore can take advantage of "chains of trust" paradigm facilitated through Certificate Authorities. This paradigm makes it possible for two entities to establish a trust relationship without directly exchanging security information, which is important for some applications.
  Disadvantages:
  Requires opening multiple ports forenabling SSLin the firewall. So there are multiple holes in the corporate firewall.
  Not every FTP server supports FTPS and many that do, require a configuration change to activate the FTPS protocol extension.
  Cryptographic toolkit should be installed in XI system though it is not very complex or expensive.
  Conclusion:
  Though SFTP seems more secure as it works through one port, FTPS is easier to configure, monitor and maintain from XI point of view. However, the decision depends on many parameters like, cost/effort, flexibility in use, ease of maintenance, company security policy, failure possibilities etc.
  regards
  kummari

• OMS doesn't start - can't connect to database

  Hi all,
  My dev/test environment won't start OMS anymore. This really has us stopped in our tracks...
  It will start the WebTier, but OMS won't come up:
  [oracle@ora-emcc log]$ $OMS_HOME/bin/emctl status oms
  Oracle Enterprise Manager Cloud Control 12c Release 2
  Copyright (c) 1996, 2012 Oracle Corporation.  All rights reserved.
  WebTier is Up
  Oracle Management Server is not functioning because of the following reason:
  Failed to connect to repository database. OMS will be automatically restarted once it identifies that database and listener are up.
  Trying to check oms details results in an error as well:
  [oracle@ora-emcc config]$ $OMS_HOME/bin/emctl status oms -details -sysman_pwd $SYSMAN_PWD
  Oracle Enterprise Manager Cloud Control 12c Release 2
  Copyright (c) 1996, 2012 Oracle Corporation.  All rights reserved.
  Exception in thread "main" java.util.MissingResourceException: Can't find bundle for base name oracle.security.jps.internal.common.resources.keystore.KeyStoreResources, locale
          at java.util.ResourceBundle.throwMissingResourceException(ResourceBundle.java:1427)
          at java.util.ResourceBundle.getBundleImpl(ResourceBundle.java:1250)
          at java.util.ResourceBundle.getBundle(ResourceBundle.java:952)
          at oracle.security.jps.util.JpsBundle.<init>(JpsBundle.java:70)
          at oracle.security.jps.util.JpsBundle.getResourceBundle(JpsBundle.java:151)
          at oracle.security.jps.util.JpsBundle.getResourceBundle(JpsBundle.java:106)
          at oracle.security.jps.JpsLocalizableException.getResourceBundle(JpsLocalizableException.java:157)
          at oracle.security.jps.JpsLocalizableException.getLocalizedMessage(JpsLocalizableException.java:140)
          at oracle.security.jps.JpsLocalizableException.getLocalizedMessage(JpsLocalizableException.java:131)
          at java.lang.Throwable.toString(Throwable.java:343)
          at java.lang.String.valueOf(String.java:2826)
          at java.lang.StringBuilder.append(StringBuilder.java:115)
          at java.lang.Throwable.printStackTraceAsCause(Throwable.java:536)
          at java.lang.Throwable.printStackTraceAsCause(Throwable.java:545)
          at java.lang.Throwable.printStackTraceAsCause(Throwable.java:545)
          at java.lang.Throwable.printStackTrace(Throwable.java:516)
          at org.apache.log4j.spi.ThrowableInformation.getThrowableStrRep(ThrowableInformation.java:59)
          at org.apache.log4j.spi.LoggingEvent.getThrowableStrRep(LoggingEvent.java:342)
          at org.apache.log4j.WriterAppender.subAppend(WriterAppender.java:304)
          at org.apache.log4j.RollingFileAppender.subAppend(RollingFileAppender.java:234)
          at org.apache.log4j.WriterAppender.append(WriterAppender.java:159)
          at org.apache.log4j.AppenderSkeleton.doAppend(AppenderSkeleton.java:230)
          at org.apache.log4j.helpers.AppenderAttachableImpl.appendLoopOnAppenders(AppenderAttachableImpl.java:65)
          at org.apache.log4j.Category.callAppenders(Category.java:203)
          at org.apache.log4j.Category.forcedLog(Category.java:388)
          at org.apache.log4j.Category.error(Category.java:319)
          at oracle.sysman.emctl.oms.PrintOMSSetupInfo.main(PrintOMSSetupInfo.java:240)
  In the WebLogic Admin Console, I can see that BIP, EMGC_ADMINSERVER and EMGC_OMS1 are all in state Running and health Ok.
  Our OMS and OMR servers are (and have always been) 2 different machines. The database on OMR has always been (and is currently) up and available.
  Checking that I can connect to the repository database on OMR from the OMS server:
  [oracle@ora-emcc ~]$ sqlplus sysman/$SYSMAN_PWD@ora-emccdb:1521/emccdb
  SQL*Plus: Release 11.1.0.7.0 - Production on Thu Oct 10 23:34:53 2013
  Copyright (c) 1982, 2008, Oracle.  All rights reserved.
  Connected to:
  Oracle Database 11g Enterprise Edition Release 11.2.0.3.0 - 64bit Production
  With the Partitioning, OLAP, Data Mining and Real Application Testing options
  SQL>
  Any suggestions will be much appreciated.
  Ed

  Hi all,
  Many thanks for responding. I have opened an SR with Oracle 24 days ago. However, I just noticed I haven't heard from them for 13 days!
  Must ping them to see what's happening...
  I will check out your suggestions. The db and the listener are all fine and up anyway.
  After looking in a lot of logfiles (and uploading them to the SR), it looks as if it could have to do with credentials in a wallet:
  [oracle@ora-emcc log]$ cat secure.log
  2013-10-15 20:07:36,265 [main] INFO oms.ListReposDetails logp.251 - Listing repository details from CredStore
  2013-10-15 20:07:36,269 [main] INFO oms.AdminCredsWalletUtil setInstanceHome.177 - Getting credentials from wallet
  2013-10-15 20:07:36,728 [main] INFO oms.AdminCredsWalletUtil setInstanceHome.192 - Read the credentials from wallet
  2013-10-15 20:07:36,728 [main] INFO util.EmctlUtil logp.251 - Connecting over t3s to: ora-emcc.localdomain/7102 using id: weblogic
  2013-10-15 20:07:38,639 [main] INFO mas.CredStoreUtil logp.251 - getCredential : Got creds for mapName -EM keyName - REPOS_DETAILS
  2013-10-15 20:07:38,639 [main] INFO oms.ListReposDetails logp.251 - Exception thrown when getting repos details from CredStore: javax.management.RuntimeMBeanException: oracle.security.jps.service.keystore.KeyStoreServiceException: JPS-06516: Failed to get credential store. Reason oracle.security.jps.service.credstore.CredStoreException: JPS-01050: Opening of wallet based credential store failed. Reason java.io.IOException: PKI-02002: Unable to open the wallet. Check password.
  I will ping Oracle Support again (it's now with the security team) and see what the feedback is.
  Regards,
  Ed

• Add Security API to ess~cat project

  Hi All,
  I am trying to add the com.sap.security.api.jar to the esscatsap.com project (ESS - Working Time). I can add the file using "Add External Jars..." in project properties->java build path->libraries, but when I rebuild the project the jar file is lost and so I am unable to deploy with the security jar. Has anyone run into a similar issue? Any ideas?
  Thanks,
  -Kevin

  you have to add jar file like this
  DC meta data-used dcs(right click)-add DC-seelct track-select sc(SAP_JEE) there you will find the com.sap.api.security.sda
  reward points if helpful

• I am so fed up with Apple and their lack of testing on Security Updates!!!!

  I am so fed up with Apple, i have lost all hope in them whatsoever. Today i installed the Security Update 2007-009 1.1 and when prompted to restart did so, only to wait 5 minutes with my computer just idling and not restarting. So I then went to the apple menu to restart but still nothing happened. Pushed the Power button on my Mac and it brought up the dialog box for:
  ...Log off...Restart...Shutdown
  But then it quickly logged-out giving me no time to even click on restart , so i logged back in , tried again, and of course it did the same thing again, so i logged back in and force shutdown holding down the power button for 5 seconds. Finally it shut down so i then Powered it back up, logged in with no problems.
  Since the Security Update includes the update of Logic 8.0.1, I went straight to it in applications but found the Logic icon & Logic Node icon replaced by Blue folder icons. Upon clicking on Logic i was prompted with an error stating that it could not open because the file was corrupt, so i decided to delete Logic and along with Logic Node and empty the trash so that it would remove all its files. But now when i clicked on Trash, the window would not come up. I tried just empty trash from the dock but it would not empty the trash either. I can not open any finder window from my dock's Finder Icon.
  I can open finder by clicking on Macintosh HD on my desktop but when i navigate through my folders all of my file icons have these weird sort of Distorted Scan lines through them.
  So i decided i would open disk utility and try and repair whatever the **** is going on. Pressed verify Disk and it tried to Verify the disk but came back a minute after idling, giving me this error:
  Verifying volume “Macintosh HD”
  Checking HFS Plus volume.
  Checking Extents Overflow file.
  Checking Catalog file.
  Checking multi-linked files.
  Checking Catalog hierarchy.
  Checking Extended Attributes file.
  Checking volume bitmap.
  Checking volume information.
  Invalid volume free block count
  (It should be (It should be 4 instead of 6294237)
  Volume Header needs minor repair
  The volume Macintosh HD needs to be repaired.
  Error: The underlying task reported failure on exit
  1 HFS volume checked
  Volume needs repair
  Here is a screenshot of Disk Utility: http://i58.photobucket.com/albums/g269/DjViral/Picture1.png
  So obviously something is wrong because it reported failure on exit and Disk Utility will not even let me click on "Repair Disk", it is just faded out, un-click-able.
  I would like to know what is wrong, and why Apple is releasing such **** as Security Updates. I mean isn't the whole point of a security update to make your computer more secure. Is this a joke or something?
  I have lost all respect for you Apple. Not too mention this happened only 2 months ago with your last security update and i had to get my computer serviced which took 3 weeks. You better explain yourselves, apologize and start getting your sorry act together.

  when prompted to restart did so, only to wait 5 minutes with my computer just idling and not restarting. So I then went to the apple menu to restart but still nothing happened. Pushed the Power button on my Mac
  You should not have done that, it is a process that should never be interrupted.
  For next time:
  There are no guarantees, but following this procedure when installing updates and upgrades on your Mac will go a long way towards avoiding unpleasant after effects and ‘post-update stress disorder’.
  It is also worth noting that it is an extreme rarity for updates to cause upsets to your system, but they may well reveal pre-existing ones, particularly those of which you may have been unaware. If you are actually aware of any glitches, make sure they are fixed before proceeding further.
  So before you do anything else:
  If you can, make a full backup first.
  Turn off sleep mode for both screen and hard disk.
  Disconnect all peripherals except your keyboard and mouse.
  1. Repair Permissions (in Disk Utility)
  2. Verify the state of your hard disk using Disk Utility. If any faults are reported, restart from your install disk (holding down the C key), go to Disk Utility, and repair your startup disk. Restart again to get back to your startup disk.
  At least you can now be reasonably certain that your system does not contain any obvious faults that might cause an update/upgrade to fail.
  3. Download the correct version of the COMBO update from the Apple download site. If your car runs on gasoline you would not want to fill the tank with diesel, so don’t try to install the PPC updater on an Intel Mac!
  If you prefer to download updates via Software Update in the Apple menu (which would ensure that the correct version for your Mac was being downloaded), it is not recommended to allow SU to install major (or even minor) updates automatically. Set Software Update to just download the updater without immediately installing it. There is always the possibility that the combined download and install (which can be a lengthy process) might be interrupted by a power outage or your cat walking across the keyboard, and an interrupted install will almost certainly cause havoc. Once it is downloaded, you can install at a time that suits you. You should make a backup copy of the updater on a CD in case you ever need a reinstall.
  Using the Combo updater ensures that all system files changed since the original 10.4.0 are included, and any that may have been missed out or subsequently damaged will be repaired. The Delta updater, although a temptingly smaller download, only takes you from the previous version to the new one, i.e. for example from 10.4.9 to 10.4.10. Software Update will generally download the Delta updater only. The preferable Combo updater needs to be downloaded from Apple's download site.
  Now proceed as follows:
  4. Close all applications.
  5. Unplug all peripherals except your keyboard and mouse.
  6. Install the update/upgrade. Do not under any circumstances interrupt this procedure. Do not do anything else on your computer while it is installing. Be patient.
  7. When it ask for a restart to complete the installation, click restart. This can take longer than normal, there are probably thousands of files to overwrite and place in the correct location. Do nothing while this is going on.
  8. Once your Mac is awake, repair permissions again, and you should be good to go!
  If your Mac seems slightly sluggish or ‘different’, perform a second restart. It can’t hurt and is sometimes efficacious!
  9. Open a few of your most used applications and check that all is OK. In this connection please remember that not all manufacturers of third party applications and plug-ins, add-ons, haxies etc, will have had time to do any necessary rewrites to their software to make them 10.4.10. compliant. Give them a weeks or two while you regularly check their websites for updates. This applies particularly to plug-ins for Safari 3.
  N.B. Do not attempt to install two different updates at the same time as each may have different routines and requirements. Follow the above recommendations for each update in turn.
  Lastly, Apple's own article on the subject of Software Update may also be useful reading:
  http://docs.info.apple.com/article.html?artnum=106695

• Oracle Security Patch Error while applying --The filename, directory name,

  Hello,
  I am running into strange error while applying Oracle Security Patch 68 by using Opatch.
  Supposedly, All the environment variables are set properly.
  ACTIVE_STATE_PERL=true
  DBMS_TYPE=ORA
  dbs_ora_tnsname=YBQ
  JAVA_HOME=C:\jdk1.3.1_10
  OPATCH_DEBUG=TRUE
  ORACLE_HOME=E:\oracle\ora92
  ORACLE_SID=YBQ
  Path=E:\oracle\OPatch;C:\jdk1.3.1_10\bin;E:\oracle\Perl\bin;E:\oracle\ora92\jre\1.4.2\bin\client;E:\oracle\ora92\jre\1.4.2\bin;E:\oracle\ora92\bin;C:\Program Files\Oracle\jre\1.3.1\bin;C:\Program Files\Oracle\jre\1.1.8\bin;C:\Program Files\Common Files\VERITAS Shared;\NetBackup\bin;C:\Program Files\Windows Resource Kits\Tools\;C:\Program Files\Support Tools\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;E:\usr\sap\YBQ\SYS\exe\run
  Installed Active Perl. latest version
  downloaded Opatch 1.0.0.50
  and the patch number 3738339
  I went to that directory and run the command :
  perl opatch.pl apply
  It started of well.
  OPatch version is: 1.0.0.0.50
  Using ORACLE_HOME/oui to look up oui libs...
  Oracle Home = E:\oracle\ora92
  Location of Oracle Inventory = E:\oracle\ora92\inventory
  Oracle Universal Installer shared library = E:\oracle\ora92\oui\lib\win32\oraInstaller.dll
  Path to Java = "E:\oracle\ora92\jre\1.4.2\bin\java.exe"
  Location of Oracle Inventory Pointer = N/A
  Location of Oracle Universal Installer components = E:\oracle\ora92\oui
  Required Jar File under Oracle Universal Installer = jlib\OraInstaller.jar
  find under OH/oui/jlib
  found OraInstaller.jar
  Checking if this is a RAC system...
  Accessing inventory... This may take up to 300 seconds.
  (retry 10 times, delay 30 seconds each time)
  System Command: ""E:\oracle\ora92\jre\1.4.2\bin\java.exe" -Dopatch.retry=10 -Dopatch.delay=30 -DTRACING.ENABLED=TRUE -DTRACING.LEVEL=2 -Dopatch.debug=true -classpath "E:\oracle\ora92\oui\jlib\OraInstaller.jar;E:\oracle\ora92\oui\jlib\srvm.jar;jlib\opatch.jar;E:\oracle\ora92\oui\jlib\xmlparserv2.jar;E:\oracle\ora92\oui\jlib\share.jar;.:E:\oracle\ora92\jlib\srvm.jar" opatch/O2O "e:\oracle\ora92" "E:\oracle\ora92\oui" opatch.pl 1.0.0.0.50"
  Result:
  ----- DEBUG is ON -------
  oracle.installer.startup_location will be set to E:\oracle\ora92\oui
  oracle.installer.oui_loc will be set to E:\oracle\ora92\oui
  oracle.installer.scratchPath will be set to /tmp
  opatch.local_node_only is OFF
  retryOption is ON: 10
  delayOption is ON: 30
  Few more stuff here .. not pasting the entire contents
  System Command: ""E:\oracle\ora92\jre\1.4.2\bin\java.exe" -Dopatch.retry=10 -Dopatch.delay=30 -DTRACING.ENABLED=TRUE -DTRACING.LEVEL=2 -Dopatch.debug=true -classpath "E:\oracle\ora92\oui\jlib\OraInstaller.jar;E:\oracle\ora92\oui\jlib\srvm.jar;jlib\opatch.jar;E:\oracle\ora92\oui\jlib\xmlparserv2.jar;E:\oracle\ora92\oui\jlib\share.jar;." opatch/CheckConflict "E:\oracle\ora92\oui" "e:\oracle\ora92" opatch.pl 1.0.0.0.50 3738339 "3741539 3528282 3516951 3622875 3668572 3371796 3239873 3356103 3543125 3666502 2800494 2824035 2964252 3617042 3320622 3571233 3253770 3492040 3566469 3354470 3625370 3583686 3150750 3617519 3635177 3597640 3749394 3542588 3698501 2954891 2918138 3559212 3518909 3412818 3430832 3172282 3358490 3637624 3458446 3179637 2810394 3668224 3609791 3566813 3475932 2338704 3412136 3388633 3540576 3571226 3575743 2690205 3240280 3509265 3177513 3575747 3811906 3554319 3752406 3323435 " E:\3738339\etc\config\actions"
  Result:
  opatch.pl version: 1.0.0.0.50
  Copyright (c) 2001-2004 Oracle Corporation. All Rights Reserved.
  The filename, directory name, or volume label syntax is incorrect.
  Error in executing Java program to check conflict
  ERROR: OPatch failed during pre-reqs check.
  Now there is no problem with executing the last java program in the same prompt by removing the first and the last double quote "
  Please advise.
  Thanks in advance.

  hi somnath,
  this is the portal content management forum. for your database question please use the database forums:
  http://forums.oracle.com/forums/index.jsp?cat=18
  thanks,
  christian

• Encryption is not possible in this installation! - in "Create Secure Store"

  Hi,
  We are in the middle of upgrade and While doing UNICODE conversion of SRM5 system, During IMPORT, one of the phase is "Create Secure Store". UNICODE import gives ERROR in "Create Secure Store" phase.
  Below given is ERROR Detail:
  [root@fsp67001] /unicode/import_uc/sapinst_instdir/SRM05/LM/COPY/ORA/SYSTEM/CENTRAL/AS>
  >cat SecureStoreCreate.log
  SAP Secure Store in the File System - Copyright (c) 2003 SAP AG
  Usage:
  SecStoreFS status <standard>
  SecStoreFS exists <standard>
  SecStoreFS create <standard> -noenc
  SecStoreFS create <standard> -enc -p "<key phrase>" [-nostore]
  SecStoreFS insert <standard> <key> <value>
  SecStoreFS encrypt <standard> -p "<key phrase>" [-nostore]
  SecStoreFS updatep <standard> -p "<key phrase>" [-nostore]
  where <standard> is [-s <SID>] [-f <data filename> -k <key filename>]
  Encryption is not possible in this installation!
  +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
  Log Details:
  When you look at command which gets executed in background(Which is
  failing) is given below.
  /usr/java14_64/bin/java -
  classpath /unicode/import_uc/sapinst_instdir/SRM05/LM/COPY/ORA/SYSTEM/CENTRAL/AS/install/sharedlib/launcher.jar -Xmx256m -Xj9
  com.sap.engine.offline.OfflineToolStart
  com.sap.security.core.server.secstorefs.SecStoreFS /unicode/import_uc/sapinst_instdir/SRM05/LM/COPY/ORA/SYSTEM/CENTRAL/AS/install/lib/iaik_jce.jar:/unicode/import_uc/sapinst_instdir/SRM05/LM/COPY/ORA/SYSTEM/CENTRAL/AS/install/sharedlib/exception.jar:/unicode/import_uc/sapinst_instdir/SRM05/LM/COPY/ORA/SYSTEM/CENTRAL/AS/install/sharedlib/logging.jar:/unicode/import_uc/sapinst_instdir/SRM05/LM/COPY/ORA/SYSTEM/CENTRAL/AS/install/sharedlib/tc_sec_secstorefs.jar create -s RSP -
  f /sapmnt/RSP/global/security/data/SecStore.properties -
  k /sapmnt/RSP/global/security/data/SecStore.key -enc -p XXXXXX
  Request  If anybody in the forum has faced similar problem, pls respond back.
  Vijay

  Hi
  <b>Please go through the SAP OSS Notes, which will help -></b>
  Note 501710 - Error when accessing the "secure storage"
  Note 750779 - Safety and Security of User Mapping Data
  Note 1071472 - FileSystem SecureStore connection issues
  Note 914791 - SQL Command console does not work with automatic config
  Related Notes
  Note 520039 - Analysis report for "secure storage"
  Note 516835 - Error SECSTORE023 with secure storage
  Note 502422 - Long texts for error messages SECSTORE021 to SECSTORE031
  Note 501486 - Work process termination when using the "secure storage"
  Do let me know.
  Regards
  - Atul

• 2008 Airport Express utility doesn't work all of a sudden, name reverted to ID, lost security, message not supported.

  The Airport Express I purchased in 2008 worked fine this morning, but when I tried to use Wi-Fi with my cell phone and iMac the light was green on the AE but no signal.  I unplugged AE and unplugged my modem, plugged in my modem, plugged in my AE, it turned green but no signal - that is, the name I had given it did not appear on either my iMac of cell phone.  Then, out of the blue, the original ID for my AE shows up on the iMac and phone and when I selected it my Wi-Fi worked, and is working.  The problem is there now is no security.  I got a message that Airport Utility did not support or something like that.  So then I took the old CD that came with AE (in 2008) and loaded that on my iMac so I could re-establish WPA security.  It seemed to load okay but then the following message popped up, "AirPort can't be installed on this disk [my Macintosh HD]. The version of Mac OS X on this volume is not supported."  Well, yes, since I'd purchased my AE I'd gone through all the cats and recently had upgraded to Mountain Lion, 10.8.5, several weeks ago.  But since this morning I had done nothing new.
  So, it's 12:30am, Apple Care is not open - I'm not even sure I'm still covered - so maybe some night owl out there can tell me what I need to do.  I'm beginning to suspect it might have to do with my operating system upgrade, but don't understand why this problem should suddenly crop up after several weeks.  Any ideas out there?  Oh, and incidentally, my AE was cutting off a lot about a year ago and I took it into an Apple Store and they did something with the software in the device and the cutting off improved but still would occur at least twice a week - something I just lived with. 

  Then, out of the blue, the original ID for my AE shows up on the iMac and phone and when I selected it my Wi-Fi worked, and is working.
  My first thought is that the AirPort Express is normally good for 4-5 years on average, so you may be getting some signals in that regard.
  The AirPort Express reset itself back to factory default settings. The big question now is if you re-configure it again whether it will hold those settings.  Not likely....my opinion.
  The other problem that you have is that Mountain Lion operating system no longer supports the older version of the AirPort Express that you have.
  Oh, and incidentally, my AE was cutting off a lot about a year ago and I took it into an Apple Store and they did something with the software in the device and the cutting off improved but still would occur at least twice a week
  It's really time for a new AirPort Express, which will offer much faster reliable performance....and it will be compatible with AirPort Utility on the Mountain Lion operating system.

• Dock won't hide/show after Tiger security update

  I installed the Dec 27 Tiger security update last night (via SW update) and now the dock is behaving badly. I had it set to automatically show/hide, but it would not show anymore after the update. I always install sec updates, so I did also do the previous one without any problems.
  So far I've done this to try to solve the problem:
  - I changed the settings to turn hiding off and the doc appears and works correctly in that mode. The only problem with it seems to be that it won't show after it hides with hiding turned on.
  - I repaired permissions
  - I shut down and restarted
  - I did a safe-mode restart and a regular restart
  - I trashed my doc preferences, restarted, and recreated the configuration of items I like.
  - I tried removing the preference called /Library/Preferences/com.apple.dockfixup.plist which had no effect, so I put it back. (It's dated 2006 but I have no further info about it.)
  Also, oddly, it seems that my system menus are strictly pull-down now. I am almost sure they had some drop-down behavior before, because I keep clicking on main menu items expecting the submenu to persist, and it doesn't. If I'm not imagining this, perhaps the two issues are related?
  I don't have any system mods or Finder replacement apps.
  Are there any other dock-related files that I could replace from my backup to try to fix this issue?
  Did the update do something specifically to change the dock?
  I really hate to reinstall and reupdate from scratch to fix such a minor problem, but it is 100% annoying. Ideas and commiseration welcome.

  Thank you. I didn't know you could remove the whole folder without wreaking havoc. I will try another user account for thoroughness.
  New info:
  I discovered this morning that both of these problems do not occur with my Contour mouse, only with the Logitech trackball. The trackball has a brand new problem at startup today, which is that it acts like it's constantly right-button-down. It selects only.
  So perhaps its a driver or mouse hardware issue. I think it's suspicious that it started immediately after the update, but since the trackball did not come with a driver, I am not sure I can further troubleshoot it myself. I'll dig around in the system and on the net a bit to see, but I'm probably going to buy another pointing device in order to resolve this. The trackball is only about 2 months old, but maybe it's filled up with cat hair. ... There's a joke in there somewhere.

• Claim My Reward browser security error

   I experienced an issue today after printing with my Officejet Pro 8610.
  Immediately after printing a dialog window popped-up calling on me to Redeem your HP Reward!
  I read the dialog and chose to click the Claim My Reward button. After some processing it opened a new Google Chrome browser window that showed a security error that sounded quite serious.
  The Chrome browser error page read:
  Your connection is not private
  Attackers might be trying to steal you information from hprewards.austin.hp.com
  The error code shown was 
  NET::ERR_CERT_DATE_INVALID
  The URL that was being opened and showed the error was quite long. I'm including the beginning of it below, with the query string removed, to help HP track down the broken certificate or error.
  https://hprewards.austin.hp.com/RRPublic/brRedirection?crver=1&locale=en-AU&
  Here is a screen capture of the Windows application and the browser error I am experiencing. 
  Christopher Hopper

  It looks like it might work if you set up a flashplayer trust file.
  http://www.adobe.com/cfusion/search/index.cfm?loc=en_US&term=flashplayertrustfile&cat=support

• This is a stupid question, I got this iPhone brand new a few days ago and my cat just chewed my earbud wires and it doesn't work anymore. Can Apple replace them for me?

  My earbuds got chewed up by my cat and they are brand new just got the phone 4 days ago

  If you charge your cat rent to live with you (assuming your cat has a job), then you can add the cost of replacement to the rent or take it out of the security deposit. With your new funds, you can go to Apple and buy a new pair of headphones. Hope this helps.

• BEFW11S4- Secured netw'k, but linksys unsecured ntwk still in Avail Netwrks. How do I remove?

  I have secured my network, but on my wireless laptop, when I go to view available wireless networks, a neighbor's network and a "linksys" network appears. My new secure, renamed network does not because of the filters, etc. I am pretty sure that it is my router sending out the signal...
  Why or what causes the "linksys" network to show up? Is it due to file/printer sharing? Should I re-run that set-up?
  How can I delete it or disable it? When I view the networks on my laptop, it asks if I want to connect, but I am connected on my secure network.
  Is it possible to have two networks running at once?
  I appreciate any help on this topic!
  (Edited subject to keep threads from stretching. Thanks!)
  Message Edited by JOHNDOE_06 on 06-24-2007 08:49 AM

  That is not your network but most probably your neighbor's ....so youre like worrying for the neighbor's cat...anybody can broadcast their network , they prefer to do that so that is not your concern in this case. You have to only be worried on your own... ^_^
  "Sometimes your knight in shining armor is just a retard in tin foil.."-ARCHANGEL_06

• Security Filtering on the v7 Web Server using sed_request

  I have been trying to improve protection of an application from cross-site scripting and SQL injection attackes. The ideal solution is the modsecurity rulebase but this is for Apache 2 only so I haev been looking for other solutions. I'm not going to guarantee all of the following since I haven't finished testing it but it looks hopeful so far as an avenue for investigation.
  A direct port of the modsecurity engine to the Sun One / iPlanet web server has been started, with an unsupported implementation with near complete functionality in the version 7 codebase, but not all keywords required for the rules are available in this release and it remains unsupported for production use. A simpler but fully supported solution is the sed filter; which is also provided with the version 7 product, but as a separate NSAPI plugin implementing the sed_request and sed_response server application functions (SAFs) which could theoretically be lifted out and run against earlier versions of the web server.
  So, how does the sed filter help? Well, although the functionality is less than that of the full modsecurity engine and performance is more limited, as implementing the Unix stream editor (sed) support for simple basic regular expressions it is possible to port some of the key modsecurity rules. The approach is a simple one:
  * Choose the key rules for modsecurity that are to implemented, e.g. SQL injection, cross-site scripting, etc
  * Open the rule set for each and copy out the extended regular expression
  * Translate the extended regular expression to a standard basic regular expression, including replacing the found string with nothing
  * Import the new sed rule into the obj.conf for the web server instance
  This is best explained with a simple example.
  First download the modsecurity source code from http://www.modsecurity.org and unpackage the tarball. In the resulting directory tree go to the rules/base_rules subdirectory and open the modsecurity_crs_41_sql_injection_attacks.conf file. In this file are a number of security rules defined, but a simple examination of each will show the format, the phase and a description after the SecRule keyword and some type information. Note that many of the security rules can be applied unchanged by the unsupported Sun One / iPlanet modsecurity engine that will be a full implementation in a future release. After the type information the extended regular expression used to define when the rule is to be applied can be found. For example, consider one SQL injection rule:
  SecRule REQUEST_FILENAME|ARGS_NAMES|ARGS|XML:/* "\buser_tab_columns\b" \
  "phase:2,rev:'2.0.5',capture,t:none,ctl:auditLogParts=+E,pass,no
  log,auditlog,msg:'Blind SQL Injection Attack',id:'959536',tag:'WEB_ATTACK/SQL_INJECTION',tag:'WASCTC/WASC-19',tag:'OWASP_TOP_10/A1',tag:'OWASP_AppSensor/CIE1',tag:'PCI/6.5.2',logdata:'%{TX.0}',severity:'2',setvar:'tx.msg=%{rule.msg}',setvar
  :tx.sql_injection_score=+%{tx.critical_anomaly_score},setvar:tx.anomaly_score=+%
  {tx.critical_anomaly_score},setvar:tx.%{rule.id}-WEB_ATTACK/SQL_INJECTION-%{matched_var_name}=%{tx.0}"
  In this the extended regular expression saying when this rule applies is "\buser_tab_columns\b"
  which tells the rules engine to look for the phrase “user_tab_columns” in the input stream.
  We want to replace this with nothing, so a sample sed rule for this would be
  sed="s/\buser_tab_columns\b//g"
  This says to replace all occurences found in the stream with nothing.
  Taking this to its extreme, which will not result in the fastest processing, but will ptotect from cross-site scripting and SQL injection POST attacks against a back end Oracle environment, we end up with a complex segment of an obj.conf for Oracle iPlanet Web Server 7.09. Details are in the next post.

  This is something like:
  <Object name="default">
  Input fn="insert-filter"
  method="(GET|POST|HEAD)"
  filter="sed-request"
  sed="s/</\\</g"
  sed="s/%3c/\\</g"
  sed="s/%3C/\\</g"
  sed="s/>/\\>/g"
  sed="s/%3e/\\>/g"
  sed="s/%3E/\\>/g"
  sed="s/\x2Eexecscript\b//g"
  sed="s/<body\b.*?\bonload\b//g"
  sed="s/\blivescript://g"
  sed="s/\bsettimeout\b[^a-zA-Z_0-9]*?//g"
  sed="s/\x3C ?iframe//g"
  sed="s/\bsrc\b[^a-zA-Z_0-9]*?\bjavascript://g"
  sed="s/\bsrc\b[^a-zA-Z_0-9]*?\bvbscript://g"
  sed="s/\btype\b[^a-zA-Z_0-9]*?\btext\b[^a-zA-Z_0-9]*?\becmascript\b//g"
  sed="s/\x2Ecookie\b//g"
  sed="s/\x3C\x21\x5Bcdata\x5B//g"
  sed="s/\x2Eaddimport\b//g"
  sed="s/\bhref\b[^a-zA-Z_0-9]*?\bjavascript://g"
  sed="s/\btype\b[^a-zA-Z_0-9]*?\btext\b[^a-zA-Z_0-9]*?\bjscript\b//g"
  sed="s/\balert\b[^a-zA-Z_0-9]*?\x28//g"
  sed="s/\btype\b[^a-zA-Z_0-9]*?\bapplication\b[^a-zA-Z_0-9]*?\bx-vbscript\b//g"
  sed="s/\x3C ?meta\b//g"
  sed="s/\bsrc\b[^a-zA-Z_0-9]*?\bhttp://g"
  sed="s/\btype\b[^a-zA-Z_0-9]*?\btext\b[^a-zA-Z_0-9]*?\bvbscript\b//g"
  sed="s/\bhref\b[^a-zA-Z_0-9]*?\bvbscript://g"
  sed="s/\burl\b[^a-zA-Z_0-9]*?\bjavascript://g"
  sed="s/\x2Einnerhtml\b//g"
  sed="s/\x40import\b//g"
  sed="s/\x3C ?script\b//g"
  sed="s/\btype\b[^a-zA-Z_0-9]*?\btext\b[^a-zA-Z_0-9]*?\bjavascript\b//g"
  sed="s/\x2Efromcharcode\b//g"
  sed="s/\burl\b[^a-zA-Z_0-9]*?\bvbscript://g"
  sed="s/\bsettimeout\b[^a-zA-Z_0-9]*?\x28//g"
  sed="s/<(a|abbr|acronym|address|applet|area|audioscope|b|base|basefront|bdo|bgsound|big|blackface|blink|blockquote|body|bq|br|button|caption|center|cite|code|col|colgroup|comment|dd|del|dfn|dir|div|dl|dt|em|embed|fieldset|fn|font|form|frame|frameset|h1|head|hr|html|i|iframe|ilayer|img|input|ins|isindex|kdb|keygen|label|layer|legend|li|limittext|link|listing|map|marquee|menu|meta|multicol|nobr|noembed|noframes|noscript|nosmartquotes|object|ol|optgroup|option|p|param|plaintext|pre|q|rt|ruby|s|samp|script|select|server|shadow|sidebar|small|spacer|span|strike|strong|style|sub|sup|table|tbody|td|textarea|tfoot|th|thead|title|tr|tt|u|ul|var|wbr|xml|xmp)[^a-zA-Z_0-9]//g"
  sed="s/(asfunction|javascript|vbscript|data|mocha|livescript)://g"
  sed="s/(fromcharcode|alert|eval)\x73*\x28//g"
  sed="s/<!\x5Bcdata\x5B|\x5D>//g"
  sed="s/['\"<]xss['\">]//g"
  sed="s/(88,83,83)//g"
  sed="s/'';!--\"<xss>=&{()}//g"
  sed="s/&{//g"
  sed="s/<!(doctype|entity)//g"
  sed="s/(?i:<style.*?>.*?((@[i\\\\])|(([:=]|(&[#\x28\x29=]x?0*((58)|(3A)|(61)|(3D));?)).*?([(\\\\]|(&[#()=]x?0*((40)|(28)|(92)|(5C));?)))))//g"
  sed="s/(?i:[ /+\t\"\'`]style[ /+\t]*?=.*?([:=]|(&[#()=]x?0*((58)|(3A)|(61)|(3D));?)).*?([(\\\\]|(&[#()=]x?0*((40)|(28)|(92)|(5C));?)))//g"
  sed="s/(?i:<object[ /+\t].*?((type)|(codetype)|(classid)|(code)|(data))[ /+\t]*=)//g"
  sed="s/(?i:[ /+\t\"\'`]datasrc[ +\t]*?=.)//g"
  sed="s/(?i:<base[ /+\t].*?href[ /+\t]*=)//g"
  sed="s/(?i:<link[ /+\t].*?href[ /+\t]*=)//g"
  sed="s/(?i:<meta[ /+\t].*?http-equiv[ /+\t]*=)//g"
  sed="s/(?i:<?import[ /+\t].*?implementation[ /+\t]*=)//g"
  sed="s/(?i:<embed[ /+\t].*?SRC.*?=)//g"
  sed="s/(?i:[ /+\t\"\'`]on\x63\x63\x63+?[ +\t]*?=.)//g"
  sed="s/(?i:<?frame.*?[ /+\t]*?src[ /+\t]*=)//g"
  sed="s/(?i:<isindex[ /+\t>])//g"
  sed="s/(?i:<form.*?>)//g"
  sed="s/(?i:<script.*?[ /+\t]*?src[ /+\t]*=)//g"
  sed="s/(?i:<script.*?>)//g"
  sed="s/(?i:[\"\'][ ]*(([^a-z0-9~_:\'\" ])|(in)).*?(((l|(\\\\u006C))(o|(\\\\u006F))(c|(\\\\u0063))(a|(\\\\u0061))(t|(\\\\u0074))(i|(\\\\u0069))(o|(\\\\u006F))(n|(\\\\u006E)))|((n|(\\\\u006E))(a|(\\\\u0061))(m|(\\\\u006D))(e|(\\\\u0065)))).*?=)//g"
  sed="s/(?i:[\"\'][ ]*(([^a-z0-9~_:\'\" ])|(in)).+?(([.].+?)|([\x5B].*?[\x5D].*?))=)//g"
  sed="s/\bsys\x2Euser_catalog\b//g"
  sed="s/\bsys\x2Euser_tables\b//g"
  sed="s/\bcharindex\b//g"
  sed="s/\bsys\x2Eall_tables\b//g"
  sed="s/\bsys\x2Euser_constraints\b//g"
  sed="s/\bselect\b.{0,40}buser\b//g"
  sed="s/\bwaitfor\b[^a-zA-Z_0-9]*?\bdelay\b//g"
  sed="s/\bselect\b.{0,40}\bsubstring\b//g"
  sed="s/\bsys\x2Euser_triggers\b//g"
  sed="s/\blocate[^a-zA-Z_0-9]+\x28//g"
  sed="s/\bsys\x2Euser_tab_columns\b//g"
  sed="s/\battnotnull\b//g"
  sed="s/\bsys\x28tab\b//g"
  sed="s/\bselect\b.{0,40}\bascii\b//g"
  sed="s/\bsys\x2Euser_views\b//g"
  sed="s/\binstr[^a-zA-Z_0-9]+\x28//g"
  sed="s/\bsys\x2Euser_objects\b//g"
  sed="s/\buser_tables\b//g"
  sed="s/\buser_tab_columns\b//g"
  sed="s/\ball_objects\b//g"
  sed="s/\bsubstr\b//g"
  sed="s/\bsysdba\b//g"
  sed="s/\btextpos[^a-zA-Z_0-9]+\x28//g"
  sed="s/\buser_password\b//g"
  sed="s/\buser_users\b//g"
  sed="s/\buser_constraints\b//g"
  sed="s/\bcolumn_name\b//g"
  sed="s/\bsubstring\b//g"
  sed="s/\bobject_type\b//g"
  sed="s/\bobject_id\b//g"
  sed="s/\buser_ind_columns\b//g"
  sed="s/\bcolumn_id\b//g"
  sed="s/\btable_name\b//g"
  sed="s/\bobject_name\b//g"
  sed="s/\brownum\b//g"
  sed="s/\buser_group\b//g"
  sed="s/\butl_http\b//g"
  sed="s/\bselect\b.*?\bto_number\b//g"
  sed="s/\bgroup\b.*\bbyb.{1,100}?\bhaving\b//g"
  sed="s/\bselect\b.*?\bdata_type\b//g"
  sed="s/\bisnull\b[^a-zA-Z_0-9]*?\x28//g"
  sed="s/\bunion\b.{1,100}?\bselect\b//g"
  sed="s/\binsert\b[^a-zA-Z_0-9]*?\binto\b//g"
  sed="s/\bselect\b.{1,100}?\bcount\b.{1,100}?\bfrom\b//g"
  sed="s/\x3B[^a-zA-Z_0-9]*?\bdrop\b//g"
  sed="s/\bloadb[^a-zA-Z_0-9]*?\bdata\b.*\binfile\b//g"
  sed="s/\bselect\b.*?\bto_char\b//g"
  sed="s/\bdbms_java\b//g"
  sed="s/\bnvarchar\b//g"
  sed="s/\butl_file\b//g"
  sed="s/\binner\b[^a-zA-Z_0-9]*?\bjoin\b//g"
  sed="s/\bselect\b.{1,100}?\bfrom\b.{1,100}?\bwhere\b//g"
  sed="s/\bintob[^a-zA-Z_0-9]*?\bdumpfile\b//g"
  sed="s/\bdelete\b[^a-zA-Z_0-9]*?\bfrom\b//g"
  sed="s/\x3B[^a-zA-Z_0-9]*?\bshutdown\b//g"
  sed="s/\bautonomous_transaction\b//g"
  sed="s/\bdba_users\b//g"
  sed="s/\bselect\b.{1,100}?\btop\b.{1,100}?\bfrom\b//g"
  sed="s/\b(?:coalesce\b|root\x40)//g"
  sed="s/\b(?:(?:rel(?:(?:nam|typ)e|kind)|to_(?:numbe|cha)r|d(?:elete|rop)|group\b[^a-zA-Z_0-9]*\bby|insert|where)\b|s(?:(?:ubstr(?:ing)?|leep)[^a-zA-Z_0-9]+\x28|(?:hutdown|elect)\b)|(?:b(?:enchmark|in)|find_in_set|position|mid)[^a-zA-Z_0-9]+\x28|c(?:o(?:n(?:cat[^a-zA-Z_0-9]+\x28|vert\b)|unt\b)|ha?r\b)|u(?:n(?:hex[^a-zA-Z_0-9]+\x28|ion\b)|pdate\b)|l(?:o(?:cate|wer)[^a-zA-Z_0-9]+\x28|ength\b)|a(?:ttn(?:ame|um)\b|scii[^a-zA-Z_0-9]+\x28)|h(?:aving\b|ex[^a-zA-Z_0-9]+\x28))//g"
  sed="s/(?:[\\\x28\x29\x25#]|--)//g"
  sed="s/\b(?:benchmark|encode)\b//g"

• Boot fails after security update

  Greetings,
  In installed the most recent security update this morning, and after restarting, my machine won't boot up.
  I've followed the existing threads (in case you've also had this problem, the most informative was here:
  http://discussions.apple.com/thread.jspa?threadID=1545171 )
  Here's my machine's current state; I'd appreciate any input!
  I booted to single user mode, and checked the disks using /sbin/fsck -fy . there were no errors reported.
  I booted from my Install Disk 1, repaired the disk (again, no errors), and verified the disk.
  Now, it still does not boot independently; it stalls at the apple logo. Safe boot does not work. It doesn't appear to be a PRAM or SMC issue.
  What should my next move be? Thanks again!

  There are no guarantees, but following this procedure when installing updates and upgrades on your Mac, or even re-installing them, will go a long way towards avoiding unpleasant after effects and ‘post-update stress disorder’.
  It is also worth noting that it is an extreme rarity for updates to cause upsets to your system, but they may well reveal pre-existing ones, particularly those of which you may have been unaware. If you are actually aware of any glitches, make sure they are fixed before proceeding further.
  So before you do anything else:
  If you can, make a full backup first.
  Turn off sleep mode for both screen and hard disk.
  Disconnect all peripherals except your keyboard and mouse.
  1. Repair Permissions (in Disk Utility)
  2. Verify the state of your hard disk using Disk Utility. If any faults are reported, restart from your install disk (holding down the C key), go to Disk Utility, and repair your startup disk. Restart again to get back to your startup disk.
  At least you can now be reasonably certain that your system does not contain any obvious faults that might cause an update/upgrade to fail.
  3. Download the correct version of the COMBO or security update from the Apple download site. If your car runs on gasoline you would not want to fill the tank with diesel, so don’t try to install the PPC updater on an Intel Mac!
  If you prefer to download updates via Software Update in the Apple menu (which would ensure that the correct version for your Mac was being downloaded), it is not recommended to allow SU to install major (or even minor) updates automatically. Set Software Update to just download the updater without immediately installing it. There is always the possibility that the combined download and install (which can be a lengthy process) might be interrupted by a power outage or your cat walking across the keyboard, and an interrupted install will almost certainly cause havoc. Once it is downloaded, you can install at a time that suits you. You should make a backup copy of the updater on a CD in case you ever need a reinstall.
  Using the Combo updater ensures that all system files changed since the original 10.4.0 are included, and any that may have been missed out or subsequently damaged will be repaired. The Delta updater, although a temptingly smaller download, only takes you from the previous version to the new one, i.e. for example from 10.4.10 to 10.4.11. Software Update will generally download the Delta updater only. The preferable Combo updater needs to be downloaded from Apple's download site.
  Now proceed as follows:
  4. Close all applications.
  5. Unplug all peripherals except your keyboard and mouse.
  6. Install the update/upgrade. Do not under any circumstances interrupt this procedure. Do not do anything else on your computer while it is installing. Be patient.
  7. When it ask for a restart to complete the installation, click restart. This can take longer than normal, there are probably thousands of files to overwrite and place in the correct location. Do nothing while this is going on.
  8. Once your Mac is awake, repair permissions again, and you should be good to go!
  If your Mac seems slightly sluggish or ‘different’, perform a second restart. It can’t hurt and is sometimes efficacious!
  9. Open a few of your most used applications and check that all is OK. In this connection please remember that not all manufacturers of third party applications and plug-ins, add-ons, haxies etc, will have had time to do any necessary rewrites to their software to make them 10.4.10. compliant. Give them a weeks or two while you regularly check their websites for updates. This applies particularly to plug-ins for Safari 3.
  N.B. Do not attempt to install two different updates at the same time as each may have different routines and requirements. Follow the above recommendations for each update in turn.
  Lastly, Apple's own article on the subject of Software Update may also be useful reading:
  http://docs.info.apple.com/article.html?artnum=106695
  If you are updating Safari (or just have):
  Input Managers from third parties can do as much harm as good. They use a security loophole to reach right into your applications' code and change that code as the application starts up. If you have installed an OS update and Safari is crashing, the very first thing to do is clear out your InputManagers folders (both in your own Library and in the top-level /Library), log out and log back in, and try again.
  So, disable all third party add-ons before updating Safari, as they may not have been updated yet for the new version. Add them back one by one. If something goes awry, remove it again and check on the software manufacturer's website for news of an update to match your version of Safari. Remember: Tiger up to 10.4.10 used Safari 2.0.4 or, if you downloaded it, Safari 3.0.3 beta. Safari 10.4.11 used Safari 3.0.4 which was not a beta. If Safari 3.1.1 on 10.4.11 is not the fastest browser you have ever used, then something is wrong!
  Moreover, trying to revert to Safari 3.0.4 (or worse still, version 2) when running 10.4.11 or 10.5 can have repercussions, as Safari 3.1.1 uses a completely different webkit on which other applications like iChat, Mail and Dashboard Widgets etc also rely, and may entail you having to reinstall an earlier operating system.
  Most errors reported here after an update are due to an unrepaired or undetected inherent fault in the system, and/or a third party ad-on. Two such add-on that have been frequently mentioned here for causing such problems are Piclens and Pithhelmet. If you have them, trash them.
  Additional tips on software installation here:
  http://docs.info.apple.com/article.html?artnum=106692
  To reiterate, Input Managers reach right into an application and alter its code. This puts the behavior of the affected application outside the control and responsibility of its developers: a recipe for problems. That's not to say that issues absolutely will ensue as a result of Input Managers, but you, as a user, must decide. If the functionality of a specific Input Manager or set thereof is really important to you, you may well choose to assume the associated risk.
  Again, the advice is to remove all Input Managers from the following directories:
  • /Library/InputManagers
  • ~/Library/InputManagers
  especially prior to system updates (they can always be added back one-by-one later).