PUBLIC privileges on XDB$ACL
From: <david_at_databasesecurity.com>
Date: Thu, 19 Jul 2012 03:31:52 +0100
Message-ID: <C1C9D363047C403D82DDC55F137B39FF_at_NAUTILUS>
Hey all,
I'm trying to track down the source of a overly permissive privilege issue on XDB$ACL. At about Oracle 9.2 when Oracle XML Database is installed it seems catqm.sql (or one of its sub-scripts) executed
Date: Thu, 19 Jul 2012 03:31:52 +0100
Message-ID: <C1C9D363047C403D82DDC55F137B39FF_at_NAUTILUS>
Hey all,
I'm trying to track down the source of a overly permissive privilege issue on XDB$ACL. At about Oracle 9.2 when Oracle XML Database is installed it seems catqm.sql (or one of its sub-scripts) executed
"grant all on XDB.XDB$ACL to public"
Current version of Oracle don't, but I'm trying to work out if earlier or
later versions also did this too. Any help would be very much appreciated!
Thanks,
David
-- http://www.freelists.org/webpage/oracle-lReceived on Wed Jul 18 2012 - 21:31:52 CDT