Oracle FAQ | Your Portal to the Oracle Knowledge Grid |
Home -> Community -> Usenet -> c.d.o.server -> how to revoke access to sys.aud$ in 10G
forgive me if this is a stupid question, I have been away from Oracle
for a while. I have some people in my company who have turned on
auditing in 10G and they noticed that everyone in the database can
query sys.aud$. They want this priv removed since the users can seen
queries this way. I started poking around and found the following:
I can create a new user, grant only "create session" to the user, login as the user and successfully select * from sys.aud$. When I check the session privs doing select * from session_privs I see:
PRIVILEGE
ERROR at line 1:
ORA-01952: system privileges not granted to 'CARL'
I noticed that select any dictionary was granted to public so... I tried revoking it from public.... bad idea. Package standard went bad along with a few others and I could not log back in as "carl". In order to get the database working again I needed to regrant select any dictionary and compile standard.
So.... what is giving a new user access to sys.aud$? If more info is needed let me know.
Carl Received on Wed Jun 22 2005 - 14:49:45 CDT