http://www.xuebuyuan.com/762024.html
When using the oracle 9I em console client to connect to the 10G database, using the normal connection identity will prompt the lack of select any dictionary permission. But you can connect using the sysdba identity or the normal identity of PL/SQL~
This problem is a bug of oracle9I, and oracle does not plan to solve this problem.
In fact , this may occur from the link from the lower version to the higher version. question.
# Create user
create user angeos identified by angeos;
create user: angeos, password: angeos
#
Grant connect, resource to angeos for user authorization; grant
permission to connect database and access resources to user angeos # Grant create session
for user authorization
, dba to angeos;
CREATE SESSION is a system privilege, it can provide users with the ability to connect to the database.
DBA is a role with over 120 system privileges, so it can let users do almost anything in the database.
# Change the user's password
alter user angeos identified by oracle; change the password of the user angeos to: oracle.
# Delete the user
angeos
drop user angeos;
since the user angeos has a table table1, when deleting a user, we need to specify the keyword CASCADE
drop user angeos cascade;
# CREATE TABLE AS SELECT statement
by querying a table and materializing the query result set to a regular table to create a table.
The structure of the table is copied, but objects such as constraints, indexes, and triggers are not put into the new table.
Example:
create table emp_copy as
select * from scott.emp;
alter any cluster Modify the permission of any cluster
alter any index Modify the permission of any index
alter any role Modify the permission of any role
alter any sequence Modify the permission of any sequence
alter any snapshot Modify any Snapshot permission
alter any table Modify any table permission
alter any trigger Modify any trigger permission
alter cluster Modify the owning cluster permission
alter database Modify the database permission
alter procedure Modify the owned stored procedure permission
alter profile Modify the resource limit profile permission
alter resource cost Set the permission of the story resource cost
alter rollback segment Modify the permission of the rollback segment
alter sequence Modify the owned sequence permission
alter session Modify the permission of the database session
alter sytem Modify the permission set by the database server
alter table Modify the owned table permission
alter tablespace Modify Tablespace permissions
alter user Modify user permissions
analyze Use the analyze command to analyze any table, index and cluster
in the database audit any Set audit options for any database object
audit system Allow system operations to audit
backup any table Backup any table permissions
become user Permission to switch user status
commit any table Permission to submit table
create any cluster Permission to create cluster for any user
create any index Permission to create index for any user
create any procedure permission to create stored procedure for any user
create any sequence Create for any user Sequence permission
create any snapshot Permission to create snapshots for any user
create any synonym permission to create a synonym for any user
create any table permission to create a table for any user
create any trigger permission to create a trigger for any user
create any view permission to create a view for any user
create cluster permission to create a cluster for a user Permissions
create database link Permissions to create user create procedure Permissions
to create stored procedures for users
create profile Permissions to create resource restriction profiles
create public database link Permissions to create public database links
create public synonym Permissions to create public synonyms
create role Permission to create role create rollback segment Permission to
create rollback segment create session Permission to
create session create sequence Permission to
create sequence for user create snapshot Permission to
create snapshot for user
create synonym Permission to create synonym for user
create table Permissions on tables
create tablespace Permissions on creating tablespaces
create user Permissions on creating users
create view permission to create a view for a user
delete any table permission to delete any table row delete any view permission to
delete any view row
delete snapshot permission to delete a row in a snapshot delete table permission to
delete a table row
for a user delete view permission to delete a view row for a user Permission
drop any cluster Permission to delete any cluster
drop any index Permission to delete any index
drop any procedure Permission to delete any stored procedure
drop any role Permission to delete any role
drop any sequence Permission to delete any sequence
drop any snapshot Permission to delete any snapshot
drop any synonym drop any synonym permission
drop any table drop any table permission
drop any trigger drop any trigger permission
drop any view drop any view permission
drop profile drop resource limit profile permission
drop public cluster drop public cluster Permission to
drop public database link
drop public synonym delete public synonym permissions
drop rollback segment delete rollback segment permissions
drop tablespace delete tablespace permissions
drop user delete user permissions
execute any procedure permissions to execute any stored procedure
execute function execute stored function permissions
execute package Permission to execute stored packages
execute procedure Permission to execute user stored procedures
force any transaction Permission to manage the output of uncommitted arbitrary transactions
force transaction Permission to manage the output of uncommitted user transactions
grant any privilege Permission to grant any system privilege
grant any role to grant any role Role permissions
index table Permissions to add indexes to tables
insert any table permissions to insert rows into any table
insert snapshot permissions to insert rows into snapshots
insert table permissions to insert rows into user tables
insert view permissions to insert rows into user views Permission
lock any table Permission to lock any table
manager tablespace Permission to manage (backup availability) tablespace
references table permissions for reference tables
restricted session permissions for creating restricted database sessionsselect
any sequence permissions for using any sequenceselect
any table permissions for any
tableselect snapshot permissions for snapshotsselect
sequence permissions for user sequencesselect
table using user tables Permission to
use select view Permission to use view
unlimited tablespace Permission to unrestricted table space size
update any table Permission to modify rows in any table
update snapshot Permission to modify rows in snapshot
update table Permission to modify rows in user table
update view Permission to modify rows in view
enqueue any queue is the permission to add messages to all queues; dequeue
any queue is the permission to dequeue messages to all queues;
manage any queue is the permission to run DBMS_AQADM under all schemes
1. View all users :
select * from dba_users;
select * from all_users;
select * from user_users;
2. View user or role system permissions:
select * from dba_sys_privs;
select * from user_sys_privs;
3. View user object permissions:
select * from dba_tab_privs;
select * from all_tab_privs;
select * from user_tab_privs;
4. View all Role:
select * from dba_roles;
5. View the roles owned by a user or role:
select * from dba_role_privs;
select * from user_role_privs;
6. Note:
(1) The following statement can view the system privileges provided by Oracle
select name from sys.system_privilege_map
(2) View all system privileges of a user (system privileges including roles)
select privilege from dba_sys_privs where grantee='USER_NAME'
union
select privilege from dba_sys_privs where grantee in (select granted_role from dba_role_privs where grantee='USER_NAME' );
1. Privilege is the user's right to execute a function. In Oracle, according to different system management methods, permissions are divided into two categories: system permissions and entity permissions. System permissions refer to whether an authorized user can connect to the database and what system operations can be performed in the database. Entity permissions refer to the permissions a user has on a specific schema entity (schema). This can be a bit vague, for example: select any table is a system permission, which means that you can view any table. And select on table1 is an entity authority, indicating the query authority for table table1.
2. See the above table
3. Use of the system authority authorization command
Syntax:
GRANT authority name TO user|role|PUBLIC
Among them, PUBLIC means assigning authority to all users in the database
Example : The authorization command of CREATE TABLE assigned to user USER1 authority is as follows :
SQL>GRANT CREATE TABLE TO USER1;
The authorization statement can also add the WITH ADMIN OPTION option, which means that the authorized user can assign the authority it has obtained to other users, such as:
SQL>GRANT CREATE TABLE, CREATE VIEW TO USER1, USER2 WITH ADMIN OPTION;
To know the system privileges owned by each user, you can query the data dictionary USER_SYS_PRIVS, ROLE_SYS_PRIVS.
To reclaim the authority, use the REVOKE command, such as:
SQL>REVOKE CREATE TABLE FROM USER1;
4. Entity authority management
Entity authority refers to the operation authority of a user on a specific schema object.
1. Entity authority classification
Different entity types have different entity authority, as shown in the following table
2. Entity authority grant command The
syntax is as follows:
GRANT entity authority name|ALL TO user|role|PUBLIC
Among them, ALL represents all entity authority of the entity.
For example:
SQL>GRANT SELECT ON BOOKS_QUTHORS TO USER1;
The following statement is used to query the authorization information of the entity privilege of the table:
SQL>SELECT * FROM USER_TAB_PRIVES
To reclaim the entity privilege, use REVOKE, the syntax is as follows:
REVOKE entity privilege name|ALL ON Entity Name FROM Username|Role Name|PUBLIC.
Oracle permission settings and detailed explanation
Guess you like
Origin http://43.154.161.224:23101/article/api/json?id=326273900&siteId=291194637
Recommended
Ranking