| Oracle FAQ | Your Portal to the Oracle Knowledge Grid | |
 |
 | |||
| Oracle FAQ | Your Portal to the Oracle Knowledge Grid | |
|
| |||
Home -> Community -> Usenet -> c.d.o.server -> Re: sysdba privileges and shutdown
Apologies to Mr Rogers for thinking no-one had answered my query.
Thanks very much
This table system_privilege_map... found it, but now i'm wondering, why is there no mention of it when doing 'select * from dict'
also, would you know which tables this links to, i'm interested to see the "drill" down privileges for the sysdba priv
and did you have any clarification about the shutdown command
(Fair enough rgarding the unix privileges by the way - our security sucks :) )
Thanks again,
Rachel
"Howard J. Rogers" <howardjr2000_at_yahoo.com.au> wrote in message news:<pan.2003.03.07.19.16.38.917589_at_yahoo.com.au>...
> On Fri, 07 Mar 2003 08:41:27 +0000, Rachel Wilson wrote:
>
> > coming from an oracle7 background and having received some oracle 8i
> > training I have been warned about the evils of connect internal.
> >
> > While looking into sysdba and sysoper I have come across what seems to
> > be some confusion. Sybrand in 1999 mentioned in this forum that
> > sysdba was a role and then in 2002 an older and wiser sybrand says
> > it's a privilege - and this latter opinion seems to be the concensus.
> > However looking in the dictionary views such as dba_sys_privs i cannot
> > find any mention of the sysdba priviledge. i can see a DBA role but
> > this comes with its own warnings because the default role can (should)
> > be tweaked for the production environment.
>
>
> You're looking in the wrong place. Select * from system_privilege_map.
> Look at number 83.
>
> >
> > Other reading suggests that these are just keywords and not privileges
> > in the traditional sense although if that is the case how can they be
> > granted to other users?
> >
> > The documentation talks about the extra functionality allowed to
> > priviledged users but not what the exact system priviliges are (in
> > particular I am trying to work out who exactly has rights to shutdown
> > the database)
> >
> > In short:
> > a) could someone please clear up *exactly* what sysdba is and where
> > its associated priviliges can be found in the dictionary views
> > b) how the sqlplus shutdown command works - is it an alter database
> > command - is it a script?
> >
> > i am also wondering why the unix group of dba is allowed sysdba rights
> > as a matter of course - is this not a bit of a security risk?
>
> Only if you posit that anyone and everyone can log on to your Unix box
> with your Unix credentials!
>
> Regards
> HJR
>
>
> >
> > thanking you in advance,
> > Rachel
Received on Mon Mar 10 2003 - 06:07:39 CST
 |
 |