Phone (800) 766-1884 for immediate Oracle support & training
Free Oracle Tips

Home Home
Oracle Monitoring
Growth Monitoring
Emergency DBA Support
Installs & Upgrades
Oracle Migration
Oracle Support Plan
Oracle SQL Tuning
Oracle Performance Tuning

 Our Remote DBA Clients
 

Free Oracle Tips

 
HTML Text

Free Oracle App Server Tips

 
HTML Text

 
   
  Oracle Tips by Burleson

Chapter 4 General Oracle Security

Since JUDY has the privilege with the GRANT OPTION, she can grant this to NATHAN.

SQL> connect judy/5ucc355
SQL> grant execute on sys.dbms_lock to nathan;

Now selecting the privileges for NATHAN:

select
   owner,
   table_name,
   grantor,
   privilege,
   grantable
from
   dba_tab_privs
SEE CODE DEPOT FOR FULL SCRIPT
/

OWNER      TABLE_NAME      GRANTOR    PRIVILEGE      GRA
---------- --------------- ---------- -------------- ---
SYS        DBMS_LOCK       JUDY       EXECUTE        NO

Note the GRANTOR of the privilege; it's not SYS, the owner of the package. Instead, the GRANTOR is the user who actually granted it, JUDY.

For good security, you should never have privileges granted with the GRANT OPTION. All the privileges should be given directly by the schema owner and controlled from there. The GRANT OPTION just
 

The above text is an excerpt from:

Oracle Privacy Security Auditing

The Final Word on Oracle Security

 

This is the only authoritative book on Oracle Security, Oracle Privacy, and Oracle Auditing written by two of the world’s leading Oracle Security experts.

This indispensable book is only $39.95 and has an immediate download of working security scripts:

 

http://rampant-books.com/book_2003_2_audit.htm

 

Burleson Oracle consulting & training



 

 

WISE Oracle monitoring software
 

 

Oracle forum for DBA 

 

Rampant TechPress Oracle book publisher

image 

  

 
E-mail us for BC Oracle support:   

Copyright © 1996 -  2012 by Burleson Enterprises. All rights reserved.

Oracle® is the registered trademark of Oracle Corporation.