Oracle_Privileges3 |
- dba_role_privs: describes the dba roles granted to the
current user.
- select owner, grantor, privilege, grantee, grantable from
dba_col_privs
- DESC DBA_USERS;
- select username, profile, account_status from DBA_USERS;
desc user_role_privs; describes
the roles granted to the current user.
SELECT *FROM uesr_role_privs;
desc role_sys_privs;
SELECT *FROM role_sys_privs;
compare any two with a user does not have any table or
role yet
|
- User accounts : ch3 (reference)
-
http://docs.oracle.com/cd/B28359_01/server.111/b28337.pdf#E7.BABDBGIJ
- securing db user accounts
- predefined user accounts
- Admin accounts
- Annonymous
- CTXSYS
- DBSNP
- EXPSYS
- Non-Admin accounts
- Schema Users account
- there are few non admin accounts created during
installation or you added as new user
- expiring and locking user accounts
- creating password
- finding and changing password
- guide to admin user pwd
- guide to pwd management
|
Operating System Authenticated Privileged Connections
You can have the operating system perform the authentication for
privileged connections based around the operating system user that is
running the web server system process. An operating system authenticated
privileged connection in PHP is equivalent to the SQL*Plus connection:
$ sqlplus / as sydba
For / as sysdba access (where no username and password is used) in PHP,
all these must be true:
● The operating system process user is a member of the OS dba group
● PHP is linked with the same ORACLE_HOME software that the database is
using (not Oracle Instant Client)
|
dba_col_privs;
user profile of : system-orcl select owner,grantor, privilege,
grantee, grantable from dba_col_privs
NOTE below, /as-sysdba granted role, all has admin_option,
none OS_Granted
|
user_role_privs;
USERNAME : Name of the user, or PUBLIC
GRANTED_ROLE : Name of the role granted to the user
ADMIN_OPTION : YES or not (NO)
DEFAULT_ROLE : (YES) or not (NO)
OS_GRANTED : If granted by the operating system (YES) or not (NO)
User Scott:
user as sysdba
USER SYSTEM
|
DB USERS:
|
|
desc role_sys_privs;
SELECT *FROM role_sys_privs;
|
compare user_role_privs and db_privs : the user "Baba" does
not have any table yet
|
|
|