Overview of Restrict Mode in TimesTen Utilities

When you run the TimesTen utilities (ttBulkCp, ttIsql, and ttMigrate) with restrict mode, the utilities block certain operations, particularly those that could overwrite existing files or pose security vulnerabilities.

The utilities, along with their client-server versions such as ttBulkCpCS, ttIsqlCS, and ttMigrateCS, add the -restrict command-line option. See ttBulkCp, ttIsql, and ttMigrate in the Oracle TimesTen In-Memory Database Reference.

Instead of using sudo to run the ttBulkCp, ttIsql, and ttMigrate utilities with the -restrict option, users can use their client-server variants (ttBulkCpCS, ttIsqlCS, and ttMigrateCS). These client-server variants can be run by operating system users other than the instance administrator operating system user. There is no need to use the -restrict option, as operating system's file permissions will prevent the overwriting of critical TimesTen files. Since these client-server variants prevent database connections as the instance administrator, users must connect using database account credentials with the appropriate privileges. The only limitation of the client-server variants is that they do not support database creation.