Oracle Database

Page 6

About ANY and PUBLIC Privileges ............................................................................................... 4-5 Managing User Roles............................................................................................................................... 4-6 About User Roles................................................................................................................................ 4-6 Properties of Roles and Why They Are Advantageous ........................................................ 4-6 Common Uses of Roles ............................................................................................................. 4-7 How Roles Affect the Scope of a User's Privileges ............................................................... 4-8 How Roles Work in PL/SQL Blocks ....................................................................................... 4-8 How Roles Aid or Restrict DDL Usage ................................................................................... 4-8 How Operating Systems Can Aid Roles.................................................................................. 4-9 How Roles Work in a Distributed Environment................................................................. 4-10 Predefined Roles in an Oracle Database Installation ................................................................ 4-10 Creating a Role ................................................................................................................................ 4-13 Specifying the Type of Role Authorization ................................................................................. 4-14 Authorizing a Roles by Using the Database ........................................................................ 4-14 Authorizing a Role by Using an Application ...................................................................... 4-15 Authorizing a Role by Using an External Source................................................................ 4-15 Global Role Authorization by an Enterprise Directory Service ........................................ 4-16 Granting and Revoking Roles ....................................................................................................... 4-16 Who Can Grant or Revoke Roles? ........................................................................................ 4-17 Dropping Roles................................................................................................................................ 4-17 Restricting SQL*Plus Users from Using Database Roles........................................................... 4-18 Potential Security Problems of Using Ad Hoc Tools .......................................................... 4-18 Limiting Roles Through the PRODUCT_USER_PROFILE Table ..................................... 4-18 Using Stored Procedures to Encapsulate Business Logic .................................................. 4-19 Further Securing Role Privileges by Using Secure Application Roles .................................... 4-19 Managing Object Privileges................................................................................................................ 4-20 About Object Privileges.................................................................................................................. 4-20 Granting or Revoking Object Privileges ...................................................................................... 4-20 Managing Schema Object Privileges ............................................................................................ 4-21 Granting and Revoking Schema Object Privileges ............................................................. 4-21 Who Can Grant Schema Object Privileges? ......................................................................... 4-21 Using Privileges with Synonyms........................................................................................... 4-22 Managing Table Privileges ............................................................................................................ 4-22 How Table Privileges Affect Data Manipulation Language Operations......................... 4-22 How Table Privileges Affect Data Definition Language Operations ............................... 4-23 Managing View Privileges............................................................................................................. 4-23 About View Privileges ............................................................................................................ 4-23 Privileges Required to Create Views..................................................................................... 4-23 Increasing Table Security with Views................................................................................... 4-24 Managing Procedure Privileges .................................................................................................... 4-24 Using the EXECUTE Privilege for Procedure Privileges ................................................... 4-25 Procedure Execution and Security Domains ....................................................................... 4-25 System Privileges Needed to Create or Alter a Procedure ................................................ 4-26 How Procedure Privileges Affect Packages and Package Objects.................................... 4-26 Managing Type Privileges ............................................................................................................. 4-28 System Privileges for Named Types ..................................................................................... 4-28 Object Privileges ...................................................................................................................... 4-28

vi

Issuu converts static files into: digital portfolios, online yearbooks, online catalogs, digital photo albums and more. Sign up and create your flipbook.