Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Usenet -> c.d.o.server -> Re: User with NO tablespace quota can still accesss and write to tablespace!

Re: User with NO tablespace quota can still accesss and write to tablespace!

From: Pete Finnigan <plsql_at_petefinnigan.com>
Date: Wed, 21 Jan 2004 23:06:38 +0000
Message-ID: <8O6frqA+XwDARxt5@peterfinnigan.demon.co.uk> 





Hi,



Your user probably has unlimited tablespace granted. I have a script on
my site that lists all privileges granted to a user including
hierarchically via roles. You can get output to a file or to the screen,
just follow the prompts. Its called find_all_privs.sql and is available
at http://www.petefinnigan.com/tools.htm - A sample run for the default
user OUTLN is:



NAME OF USER TO CHECK   [ORCL]: OUTLN



OUTPUT METHOD           [S/F]: S



FILE NAME FOR OUTPUT   [priv.lst]: 


OUTPUT DIRECTORY          [/tmp]: 


old 162:        lv_file_or_screen:='&&output_method';
new 162:        lv_file_or_screen:='S';
old 164:                open_file('&&file_name','&&output_dir');
new 164:                open_file('priv.lst','/tmp');
old 166:        get_privs('&&user_to_find',lv_tabs);
new 166:        get_privs('OUTLN',lv_tabs);




...USER => OUTLN has ROLE CONNECT which contains =>

......SYS PRIV =>ALTER SESSION grantable => NO

......SYS PRIV =>CREATE CLUSTER grantable => NO

......SYS PRIV =>CREATE DATABASE LINK grantable => NO

......SYS PRIV =>CREATE SEQUENCE grantable => NO

......SYS PRIV =>CREATE SESSION grantable => NO

......SYS PRIV =>CREATE SYNONYM grantable => NO

......SYS PRIV =>CREATE TABLE grantable => NO

......SYS PRIV =>CREATE VIEW grantable => NO

...USER => OUTLN has ROLE RESOURCE which contains =>

......SYS PRIV =>CREATE CLUSTER grantable => NO

......SYS PRIV =>CREATE INDEXTYPE grantable => NO

......SYS PRIV =>CREATE OPERATOR grantable => NO

......SYS PRIV =>CREATE PROCEDURE grantable => NO

......SYS PRIV =>CREATE SEQUENCE grantable => NO

......SYS PRIV =>CREATE TABLE grantable => NO

......SYS PRIV =>CREATE TRIGGER grantable => NO

......SYS PRIV =>CREATE TYPE grantable => NO

...SYS PRIV =>EXECUTE ANY PROCEDURE grantable => NO

...SYS PRIV =>UNLIMITED TABLESPACE grantable => NO

...TABLE PRIV =>EXECUTE table_name => OUTLN_PKG grantable => NO




PL/SQL procedure successfully completed.



SQL> 


hope this helps you see what your user has granted.



kind regards



Pete

-- 
Pete Finnigan
email:pete_at_petefinnigan.com
Web site: http://www.petefinnigan.com - Oracle security audit specialists
Book:Oracle security step-by-step Guide - see http://store.sans.org for details.


Received on Wed Jan 21 2004 - 17:06:38 CST












Original text of this message













  HOME |
  ASK QUESTION |
  ADD INFO |
  SEARCH |
  E-MAIL US