Removing ALL_ views from users

From: Dennis Williams <oracledba.williams_at_gmail.com>
Date: Mon, 30 Mar 2009 09:32:28 -0500
Message-ID: <de807caa0903300732i42191aa1jca8e8bb054b138b_at_mail.gmail.com>

List,

Some security auditors are stating that the ALL_ views are a security risk and are recommending that I revoke them. In particular, they are pointing to ALL_USERS as offering a hacker useful information. My guess is that the ALL_ views are granted to PUBLIC. Has anyone had this requirement? Has anyone successfully revoked this access?

Dennis

--
http://www.freelists.org/webpage/oracle-l

Received on Mon Mar 30 2009 - 09:32:28 CDT

This message: [ Message body ]
Next message: Andrew Kerber: "Re: how to prevent DBA burnout?"
Previous message: Maria Gurenich: "Re: how to prevent DBA burnout?"
Next in thread: Dennis Williams: "Re: Removing ALL_ views from users"
Maybe reply: Dennis Williams: "Re: Removing ALL_ views from users"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ]

Original text of this message