Re: Comments Requested About Granting an "ANY" privilege

From: sybrandb <>
Date: Wed, 23 Apr 2008 01:44:20 -0700 (PDT)
Message-ID: <>

On Apr 23, 1:47 am, "Dereck L. Dietz" <> wrote:
> Oracle 10g
> Perusing the database where I work I've noticed that, among other things,
> the following privileges have been granted as a general rule to all users:
> 1.    select any dictionary
> 2.    select any sequence
> 3.    select any table
> 4.    select any transaction
> Just requesting comments on granting any privilege with the word "ANY" in
> it.
> Thanks.

This demonstrates people who granted this privilege were too lazy to find out which privileges were really required. Those people should be shown to the door of unemployment, as they render databases unsecure.
Remember most threats do not come from the outside, but from within.

Sybrand Bakker
Senior Oracle DBA
Received on Wed Apr 23 2008 - 03:44:20 CDT

Original text of this message