Oracle permission settings and detailed explanation

http://www.xuebuyuan.com/762024.html

When the Oracle 9i EM console client connects to a 10g database with the Normal identity, it reports that the SELECT ANY DICTIONARY privilege is missing. Connecting with the SYSDBA identity, or with the Normal identity from PL/SQL, works.

This is a bug in Oracle 9i, and Oracle does not plan to fix it.

In fact, this problem may occur whenever a lower-version client connects to a higher-version database.





# Create user

create user angeos identified by angeos;

Creates the user angeos with the password angeos.

# Authorize the user

grant connect, resource to angeos;

Grants user angeos permission to connect to the database and access resources.

# Authorize the user

grant create session, dba to angeos;

CREATE SESSION is a system privilege that gives users the ability to connect to the database.

DBA is a role with over 120 system privileges, so it can let users do almost anything in the database.

# Change the user's password

alter user angeos identified by oracle;

Changes the password of the user angeos to oracle.

# Delete the user angeos

drop user angeos;

Since the user angeos owns a table, table1, the keyword CASCADE must be specified when deleting the user:

drop user angeos cascade;

# CREATE TABLE AS SELECT statement

Creates a table by querying a table and materializing the query result set into a regular table.
The structure of the table is copied, but objects such as constraints, indexes, and triggers are not put into the new table.

Example:

create table emp_copy as

select * from scott.emp;



  alter any cluster             Permission to modify any cluster
  alter any index               Permission to modify any index
  alter any role                Permission to modify any role
  alter any sequence            Permission to modify any sequence
  alter any snapshot            Permission to modify any snapshot
  alter any table               Permission to modify any table
  alter any trigger             Permission to modify any trigger
  alter cluster                 Permission to modify owned clusters
  alter database                Permission to modify the database
  alter procedure               Permission to modify owned stored procedures
  alter profile                 Permission to modify resource limit profiles
  alter resource cost           Permission to set resource costs
  alter rollback segment        Permission to modify rollback segments
  alter sequence                Permission to modify owned sequences
  alter session                 Permission to modify the database session
  alter system                  Permission to modify database server settings
  alter table                   Permission to modify owned tables
  alter tablespace              Permission to modify tablespaces
  alter user                    Permission to modify users
  analyze                       Permission to use the analyze command on any table, index and cluster in the database
  audit any                     Permission to set audit options for any database object
  audit system                  Permission to audit system operations
  backup any table              Permission to back up any table
  become user                   Permission to switch user status
  commit any table              Permission to commit tables
  create any cluster            Permission to create a cluster for any user
  create any index              Permission to create an index for any user
  create any procedure          Permission to create a stored procedure for any user
  create any sequence           Permission to create a sequence for any user
  create any snapshot           Permission to create a snapshot for any user
  create any synonym            Permission to create a synonym for any user
  create any table              Permission to create a table for any user
  create any trigger            Permission to create a trigger for any user
  create any view               Permission to create a view for any user
  create cluster                Permission to create a cluster for the user
  create database link          Permission to create database links for the user
  create procedure              Permission to create stored procedures for the user
  create profile                Permission to create resource limit profiles
  create public database link   Permission to create public database links
  create public synonym         Permission to create public synonyms
  create role                   Permission to create roles
  create rollback segment       Permission to create rollback segments
  create session                Permission to create a session
  create sequence               Permission to create sequences for the user
  create snapshot               Permission to create snapshots for the user
  create synonym                Permission to create synonyms for the user
  create table                  Permission to create tables
  create tablespace             Permission to create tablespaces
  create user                   Permission to create users
  create view                   Permission to create views for the user
  delete any table              Permission to delete rows from any table
  delete any view               Permission to delete rows from any view
  delete snapshot               Permission to delete rows from snapshots
  delete table                  Permission to delete rows from the user's tables
  delete view                   Permission to delete rows from the user's views
  drop any cluster              Permission to drop any cluster
  drop any index                Permission to drop any index
  drop any procedure            Permission to drop any stored procedure
  drop any role                 Permission to drop any role
  drop any sequence             Permission to drop any sequence
  drop any snapshot             Permission to drop any snapshot
  drop any synonym              Permission to drop any synonym
  drop any table                Permission to drop any table
  drop any trigger              Permission to drop any trigger
  drop any view                 Permission to drop any view
  drop profile                  Permission to drop resource limit profiles
  drop public cluster           Permission to drop public clusters
  drop public database link     Permission to drop public database links
  drop public synonym           Permission to drop public synonyms
  drop rollback segment         Permission to drop rollback segments
  drop tablespace               Permission to drop tablespaces
  drop user                     Permission to drop users
  execute any procedure         Permission to execute any stored procedure
  execute function              Permission to execute stored functions
  execute package               Permission to execute stored packages
  execute procedure             Permission to execute the user's stored procedures
  force any transaction         Permission to manage the outcome of any uncommitted transaction
  force transaction             Permission to manage the outcome of the user's uncommitted transactions
  grant any privilege           Permission to grant any system privilege
  grant any role                Permission to grant any role
  index table                   Permission to add indexes to tables
  insert any table              Permission to insert rows into any table
  insert snapshot               Permission to insert rows into snapshots
  insert table                  Permission to insert rows into the user's tables
  insert view                   Permission to insert rows into the user's views
  lock any table                Permission to lock any table
  manage tablespace             Permission to manage (backup, availability) tablespaces
  references table              Permission to reference tables
  restricted session            Permission to create restricted database sessions
  select any sequence           Permission to use any sequence
  select any table              Permission to use any table
  select snapshot               Permission to use snapshots
  select sequence               Permission to use the user's sequences
  select table                  Permission to use the user's tables
  select view                   Permission to use views
  unlimited tablespace          Permission to use tablespace without a size limit
  update any table              Permission to modify rows in any table
  update snapshot               Permission to modify rows in snapshots
  update table                  Permission to modify rows in the user's tables
  update view                   Permission to modify rows in views
  enqueue any queue             Permission to add messages to all queues
  dequeue any queue             Permission to dequeue messages from all queues
  manage any queue              Permission to run DBMS_AQADM under all schemas

1. View all users:
select * from dba_users;
select * from all_users;
select * from user_users;
2. View user or role system permissions:
select * from dba_sys_privs;
select * from user_sys_privs;
3. View user object permissions:
select * from dba_tab_privs;
select * from all_tab_privs;
select * from user_tab_privs;
4. View all roles:
select * from dba_roles;
5. View the roles owned by a user or role:
select * from dba_role_privs;
select * from user_role_privs;

6. Note:

(1) The following statement lists the system privileges provided by Oracle:

select name from sys.system_privilege_map;

(2) View all system privileges of a user (including system privileges granted through roles):

select privilege from dba_sys_privs where grantee='USER_NAME'
union
select privilege from dba_sys_privs where grantee in (select granted_role from dba_role_privs where grantee='USER_NAME' );
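
The query in (2) follows only roles granted directly to the user, so privileges reached through a role granted to another role are missed. The following is an added example, not part of the original page: it walks the role hierarchy with CONNECT BY, using this page's sample user ANGEOS as the assumed target, and then lists every account whose grants reach the DBA role. CONNECT_BY_ROOT requires Oracle 10g or later.

```sql
-- Added example; ANGEOS is this page's sample user (assumed target).
-- Run as an account that can read the DBA_* dictionary views.

-- 1. Effective system privileges of ANGEOS, including nested roles.
WITH role_tree AS (
  SELECT granted_role
  FROM   dba_role_privs
  START WITH grantee = 'ANGEOS'
  CONNECT BY PRIOR granted_role = grantee
)
SELECT sp.grantee AS granted_via,   -- the user itself or the role carrying the privilege
       sp.privilege,
       sp.admin_option
FROM   dba_sys_privs sp
WHERE  sp.grantee = 'ANGEOS'
   OR  sp.grantee IN (SELECT granted_role FROM role_tree)
ORDER  BY sp.privilege, sp.grantee;

-- 2. Every user account whose grants reach the DBA role,
--    directly or through a chain of roles.
SELECT DISTINCT CONNECT_BY_ROOT grantee AS username
FROM   dba_role_privs
WHERE  granted_role = 'DBA'
START WITH grantee IN (SELECT username FROM dba_users)
CONNECT BY PRIOR granted_role = grantee
ORDER  BY username;
```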



1. A privilege is a user's right to perform an operation. Oracle divides privileges into two categories according to how they are managed: system permissions and entity permissions (object privileges). System permissions determine whether an authorized user can connect to the database and which system operations the user can perform in it. Entity permissions are the permissions a user has on a specific schema entity (schema object). For example, select any table is a system permission that allows viewing any table, while select on table1 is an entity permission that allows querying the table table1.

2. See the table above.

3. Using the system privilege grant command
  Syntax:
GRANT privilege name TO user|role|PUBLIC
PUBLIC means the privilege is assigned to all users in the database.
Example: the command that grants the CREATE TABLE privilege to user USER1 is:
SQL>GRANT CREATE TABLE TO USER1;
The grant statement can also carry the WITH ADMIN OPTION clause, which means that the grantee can in turn grant the privilege it has obtained to other users, for example:
SQL>GRANT CREATE TABLE, CREATE VIEW TO USER1, USER2 WITH ADMIN OPTION;
To see the system privileges each user holds, query the data dictionary views USER_SYS_PRIVS and ROLE_SYS_PRIVS.
To take a privilege back, use the REVOKE command, for example:
SQL>REVOKE CREATE TABLE FROM USER1;
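
WITH ADMIN OPTION has a consequence at revocation time: revoking a system privilege does not cascade to the users the grantee passed it on to. The following is an added example, not part of the original page; it assumes USER1 and USER2 exist and can log in, and that the first session belongs to a DBA.

```sql
-- Session 1: connected as a DBA
GRANT CREATE TABLE TO USER1 WITH ADMIN OPTION;

-- Session 2: connected as USER1, passing the privilege on
GRANT CREATE TABLE TO USER2;

-- Session 1: the DBA takes the privilege back from USER1 only
REVOKE CREATE TABLE FROM USER1;

-- USER2 is still listed: system privilege revokes do not cascade
SELECT grantee, privilege, admin_option
FROM   dba_sys_privs
WHERE  privilege = 'CREATE TABLE'
AND    grantee IN ('USER1', 'USER2');

-- The onward grant has to be removed explicitly
REVOKE CREATE TABLE FROM USER2;

-- Review: every user account that can hand system privileges to others
SELECT sp.grantee, sp.privilege
FROM   dba_sys_privs sp
WHERE  sp.admin_option = 'YES'
AND    sp.grantee IN (SELECT username FROM dba_users)
ORDER  BY sp.grantee, sp.privilege;
```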

4. Entity privilege management
  An entity privilege is a user's right to operate on a specific schema object.
1. Entity privilege classification
  Different entity types have different entity privileges, as shown in the following table


2. Entity privilege grant command
  The syntax is as follows:
GRANT entity privilege name|ALL ON entity name TO user|role|PUBLIC
ALL represents all entity privileges of the entity.
For example:
SQL>GRANT SELECT ON BOOKS_QUTHORS TO USER1;
The following statement queries the entity privileges granted on tables:
SQL>SELECT * FROM USER_TAB_PRIVS;
To take an entity privilege back, use REVOKE. The syntax is as follows:
REVOKE entity privilege name|ALL ON entity name FROM user name|role name|PUBLIC
