Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Usenet -> c.d.o.server -> security problem

security problem

From: Klaus Zeuch <KZeuch_at_hotmail.com>
Date: Wed, 14 Feb 2001 23:53:23 +0100
Message-ID: <96f2ch$u3j$03$1@news.t-online.com> 






User in Oracle 8.1.6 has the following session privileges (select * from
session_privs):



PRIVILEGE





CREATE SESSION



ALTER SESSION



CREATE TABLE



CREATE CLUSTER



CREATE SYNONYM



CREATE VIEW



CREATE SEQUENCE



CREATE DATABASE LINK



CREATE PROCEDURE



EXECUTE ANY PROCEDURE



CREATE TRIGGER



CREATE TYPE



CREATE OPERATOR



CREATE INDEXTYPE


Note: User was granted   execute any procedure    privileg




select * from user_Sys_privs:


retrieves no rows.




select distinct privilege from role_Sys_privs retrieves:



 PRIVILEGE





ALTER SESSION



CREATE CLUSTER



CREATE DATABASE LINK



CREATE INDEXTYPE



CREATE OPERATOR



CREATE PROCEDURE



CREATE SEQUENCE



CREATE SESSION



CREATE SYNONYM



CREATE TABLE



CREATE TRIGGER



CREATE TYPE



CREATE VIEW


Note: User was not granted   execute any procedure   by his roles.



I'm banging my head against the wall: how did that user receive the  execute
any procedure  privilege?



Klaus
Received on Wed Feb 14 2001 - 16:53:23 CST












Original text of this message













  HOME |
  ASK QUESTION |
  ADD INFO |
  SEARCH |
  E-MAIL US