gdufo

 

oracle 权限管理

1.system privileges: view => system_privilege_map ,dba_sys_privs,session_privs

2.grant system privilege

sql> grant create session,create table to managers;

sql> grant create session to scott with admin option;

with admin option can grant or revoke privilege from any user or role;

3.sysdba and sysoper privileges:

sysoper: startup,shutdown,alter database open|mount,alter database backup controlfile,

alter tablespace begin/end backup,recover database

alter database archivelog,restricted session

sysdba: sysoper privileges with admin option,create database,recover database until

4.password file members: view:=> v$pwfile_users

5.O7_dictionary_accessibility =true restriction access to view or tables in other schema

6.revoke system privilege

sql> revoke create table from karen;

sql> revoke create session from scott;

7.grant object privilege

sql> grant execute on dbms_pipe to public;

sql> grant update(first_name,salary) on employee to karen with grant option;

8.display object privilege : view => dba_tab_privs, dba_col_privs

9.revoke object privilege

sql> revoke execute on dbms_pipe from scott [cascade constraints];

10.audit record view :=> sys.aud$

11. protecting the audit trail

sql> audit delete on sys.aud$ by access;

12.statement auditing

sql> audit user;

13.privilege auditing

sql> audit select any table by summit by access;

14.schema object auditing

sql> audit lock on summit.employee by access whenever successful;

15.view audit option : view=> all_def_audit_opts,dba_stmt_audit_opts,dba_priv_audit_opts,

dba_obj_audit_opts

16.view audit result: view=> dba_audit_trail,dba_audit_exists,dba_audit_object,

dba_audit_session,dba_audit_statement

posted on 2009-11-23 16:33 gdufo 阅读(173) 评论(0)  编辑  收藏 所属分类: Database (oracle, sqlser,MYSQL)

导航

统计

常用链接

留言簿(6)

随笔分类

随笔档案

文章分类

文章档案

收藏夹

Hibernate

友情链接

搜索

最新评论

阅读排行榜

评论排行榜