Re: Managing Oracle Users
Date: Sat, 1 Aug 2009 11:54:45 -0700 (PDT)
Message-ID: <24294c5e-3ca3-425d-a6bb-49fe2d1a9fbd_at_18g2000yqa.googlegroups.com>
On Jul 31, 8:03 pm, undbund <undb..._at_gmail.com> wrote:
snip
> According to Oracle....
> However, beginning in Oracle Database 10g Release 2 (10.2), the
> CONNECT role has only the CREATE SESSION privilege, all other
> privileges are removed.
>
> This should mean that when the user has only Connect role, he/she
> should only be able to login in and do nothing else.
>
> When I connect using this user... I can see other shemas like sys,
> system, etc and view some of their tables and the data in it, which is
> dangerous. I use Navicat software to work with Oracle.
>
> I did notice that using this user, I can only view some of the tables
> from sys and system shema (as compared to logging in as system), which
> is still dangerous, I think.
>
> I am really lost as to how to prevent this from happening.
>
> All your help is appreciated.
>
> Thanks,
> Undbund
Sometimes people get a little snarky around here.
It might be best to go back to the beginning and start over.
Create a single user ... grant then only the connect role ( since that's what you say you want to test ) ...
Do this via sqlplus and show us the output along the way ...
Then log in as that user again via sqlplus and try these commands ...
select count(*) from user_tables
select count(*) from all_tables
select count(*) from dba_tables
Let us see in your output what the results from these commands were ... Received on Sat Aug 01 2009 - 13:54:45 CDT