Write a simple security audit script for Oracle
上一篇 /
下一篇 2006-06-07 00:00:00
/ 个人分类:Oracle管理文章
For Oracle Security
Those who are familiar with the Oracle data dictionary can use the dictionary to find out if their database has any security exposures. Here are some common queries that are used to audit Oracle security.
1. Search for any system privileges that are granted WITH ADMIN OPTION - Privileges that are granted WITH ADMIN can be passed to other users. Hence, many companies prohibit this option, and others check to ensure that all user ID’s are proper. The information for this is located in the DBA_SYS_PRIVS view, and here is the code to do this.
select
grantee,
privilege,
admin_option
from
sys.dba_sys_privs
where
admin_option = 'YES'
and
grantee not in (‘SYS’,’SYSTEM’, etc);
2. Search for any end-users with system privileges - Users with system-level privileges may have access to unwanted areas of the database. For example the “select any table” system privilege may allow unwanted access to a user.
<span lang="EN-US" style="FONT-SIZE: 10pt; FONT-
导入论坛
引用链接
收藏
分享给好友
推荐到圈子
管理
举报
TAG:
