Re: Comments Requested About Granting an "ANY" privilege
From: sybrandb <sybrandb_at_gmail.com>
Date: Wed, 23 Apr 2008 01:44:20 -0700 (PDT)
Message-ID: <bbf2ff2c-9bb2-4d51-b4af-7bbdaf940cf3@t63g2000hsf.googlegroups.com>
Date: Wed, 23 Apr 2008 01:44:20 -0700 (PDT)
Message-ID: <bbf2ff2c-9bb2-4d51-b4af-7bbdaf940cf3@t63g2000hsf.googlegroups.com>
On Apr 23, 1:47 am, "Dereck L. Dietz" <diet..._at_ameritech.net> wrote:
> Oracle 10g 10.2.0.3.0
>
> Perusing the database where I work I've noticed that, among other things,
> the following privileges have been granted as a general rule to all users:
>
> 1. select any dictionary
> 2. select any sequence
> 3. select any table
> 4. select any transaction
>
> Just requesting comments on granting any privilege with the word "ANY" in
> it.
>
> Thanks.
This demonstrates people who granted this privilege were too lazy to
find out which privileges were really required.
Those people should be shown to the door of unemployment, as they
render databases unsecure.
Remember most threats do not come from the outside, but from within.
-- Sybrand Bakker Senior Oracle DBAReceived on Wed Apr 23 2008 - 03:44:20 CDT