Presentation is loading. Please wait.

Presentation is loading. Please wait.

16 Copyright © Oracle Corporation, 2001. All rights reserved. Managing Privileges.

Published byVernon Farmer Modified over 8 years ago

Similar presentations

Presentation on theme: "16 Copyright © Oracle Corporation, 2001. All rights reserved. Managing Privileges."— Presentation transcript:

1 16 Copyright © Oracle Corporation, 2001. All rights reserved. Managing Privileges

2 16-2 Copyright © Oracle Corporation, 2001. All rights reserved. Objectives After completing this lesson, you should be able to do the following: Identify system and object privileges Grant and revoke privileges

3 16-3 Copyright © Oracle Corporation, 2001. All rights reserved. Two types of Oracle user privileges: System: Enables users to perform particular actions in the database Object: Enables users to access and manipulate a specific object Managing Privileges

4 16-4 Copyright © Oracle Corporation, 2001. All rights reserved. There are more than 100 distinct system privileges. The ANY keyword in privileges signifies that users have the privilege in any schema. The GRANT command adds a privilege to a user or a group of users. The REVOKE command deletes the privileges. System Privileges

5 16-5 Copyright © Oracle Corporation, 2001. All rights reserved. CategoryExamples INDEXCREATE ANY INDEX ALTER ANY INDEX DROP ANY INDEX TABLE CREATE TABLE CREATE ANY TABLE ALTER ANY TABLE DROP ANY TABLE SELECT ANY TABLE UPDATE ANY TABLE DELETE ANY TABLE SESSIONCREATE SESSION ALTER SESSION RESTRICTED SESSION TABLESPACECREATE TABLESPACE ALTER TABLESPACE DROP TABLESPACE UNLIMITED TABLESPACE System Privileges: Examples

6 16-6 Copyright © Oracle Corporation, 2001. All rights reserved. GRANT CREATE SESSION TO emi; GRANT CREATE SESSION TO emi WITH ADMIN OPTION; Granting System Privileges Use the GRANT command to grant system privileges. Grantee can further grant the system privilege with ADMIN option.

7 16-7 Copyright © Oracle Corporation, 2001. All rights reserved.

8 16-8 Copyright © Oracle Corporation, 2001. All rights reserved. SYSDBA and SYSOPER Privileges ExamplesCategory SYSOPER RECOVER DATABASE ALTER DATABASE BACKUP CONTROLFILE TO ALTER DATABASE OPEN | MOUNT SHUTDOWN STARTUP ALTER DATABASE ARCHIVELOG RESTRICTED SESSION SYSOPER PRIVILEGES WITH ADMIN OPTIONSYSDBA ALTER TABLESPACE BEGIN/END BACKUP RESTRICTED SESSION RECOVER DATABASE UNTIL CREATE DATABASE

9 16-9 Copyright © Oracle Corporation, 2001. All rights reserved. O7_DICTIONARY_ACCESSIBILITY parameter Controls restrictions on SYSTEM privileges If set to TRUE, allows access to objects in SYS schema The default is FALSE : ensures that system privileges that allow access to any schema do not allow access to SYS schema System Privilege Restrictions

10 16-10 Copyright © Oracle Corporation, 2001. All rights reserved. REVOKE CREATE TABLE FROM emi; Revoking System Privileges Use the REVOKE command to remove a system privilege from a user. Users with ADMIN OPTION for system privilege can revoke system privileges. Can only revoke privileges granted with a GRANT command.

11 16-11 Copyright © Oracle Corporation, 2001. All rights reserved.

12 16-12 Copyright © Oracle Corporation, 2001. All rights reserved. DBA GRANT REVOKE JeffEmi JeffEmiDBA Revoking System Privileges with the ADMIN OPTION

13 16-13 Copyright © Oracle Corporation, 2001. All rights reserved. Object priv.TableViewSequenceProcedure ALTER  DELETE  EXECUTE  INDEX  INSERT  REFERENCES  SELECT  UPDATE  Object Privileges

14 16-14 Copyright © Oracle Corporation, 2001. All rights reserved. GRANT EXECUTE ON dbms_output TO jeff; GRANT UPDATE ON emi.customers TO jeff WITH GRANT OPTION; Granting Object Privileges Use the GRANT command to grant object privileges. Grant must be in grantors schema or grantor must have GRANT OPTION.

15 16-15 Copyright © Oracle Corporation, 2001. All rights reserved.

16 16-16 Copyright © Oracle Corporation, 2001. All rights reserved.

17 16-17 Copyright © Oracle Corporation, 2001. All rights reserved. REVOKE SELECT ON emi.orders FROM jeff; Revoking Object Privileges Use the REVOKE command to revoke object privileges. User revoking the privilege must be the original grantor of the object privilege being revoked.

18 16-18 Copyright © Oracle Corporation, 2001. All rights reserved.

19 16-19 Copyright © Oracle Corporation, 2001. All rights reserved.

20 16-20 Copyright © Oracle Corporation, 2001. All rights reserved. GRANT REVOKE BobJeffEmi JeffBob Revoking Object Privileges WITH GRANT OPTION

21 16-21 Copyright © Oracle Corporation, 2001. All rights reserved. Obtaining Privileges Information Information about privileges can be obtained by querying the following views: DBA_SYS_PRIVS SESSION_PRIVS DBA_TAB_PRIVS DBA_COL_PRIVS

22 16-22 Copyright © Oracle Corporation, 2001. All rights reserved. Summary In this lesson, you should have learned how to: Identify system and object privileges Grant and revoke privileges

23 16-23 Copyright © Oracle Corporation, 2001. All rights reserved. Practice 16 Overview This practice covers the following topics: Creating user and granting system privileges Granting object privileges to users

24 16-24 Copyright © Oracle Corporation, 2001. All rights reserved.

Download ppt "16 Copyright © Oracle Corporation, 2001. All rights reserved. Managing Privileges."

Similar presentations

14-1 Copyright  Oracle Corporation, 1998. All rights reserved. Privileges Database security: – System security – Data security System privileges: Gain.

14-1 Copyright  Oracle Corporation, All rights reserved. Privileges Database security: – System security – Data security System privileges: Gain.
13 Copyright © Oracle Corporation, 2001. All rights reserved. Controlling User Access.

13 Copyright © Oracle Corporation, All rights reserved. Controlling User Access.
4 Copyright © 2005, Oracle. All rights reserved. Managing the Oracle Instance.

4 Copyright © 2005, Oracle. All rights reserved. Managing the Oracle Instance.
Oracle 10g Database Administrator: Implementation and Administration

Oracle 10g Database Administrator: Implementation and Administration
Oracle9i Database Administrator: Implementation and Administration 1 Chapter 12 System and Object Privileges.

Oracle9i Database Administrator: Implementation and Administration 1 Chapter 12 System and Object Privileges.
System Administration Accounts privileges, users and roles

System Administration Accounts privileges, users and roles
Oracle8 - The Complete Reference. Koch a& Loney1 By What Authority? Presented by Victor Matos.

Oracle8 - The Complete Reference. Koch a& Loney1 By What Authority? Presented by Victor Matos.
Administering User Security

Administering User Security
5 Copyright © 2006, Oracle. All rights reserved. Database Recovery.

5 Copyright © 2006, Oracle. All rights reserved. Database Recovery.
Configuring Recovery Manager

Configuring Recovery Manager
Using RMAN to Perform Recovery

Using RMAN to Perform Recovery
20 Copyright © 2004, Oracle. All rights reserved. Database Recovery.

20 Copyright © 2004, Oracle. All rights reserved. Database Recovery.
13 Copyright © Oracle Corporation, 2001. All rights reserved. RMAN Complete Recovery.

13 Copyright © Oracle Corporation, All rights reserved. RMAN Complete Recovery.
By Lecturer / Aisha Dawood 1.  Administering Users  Create and manage database user accounts.  Create and manage roles.  Grant and revoke privileges.

By Lecturer / Aisha Dawood 1.  Administering Users  Create and manage database user accounts.  Create and manage roles.  Grant and revoke privileges.
9 Copyright © 2005, Oracle. All rights reserved. Administering User Security.

9 Copyright © 2005, Oracle. All rights reserved. Administering User Security.
Copyright س Oracle Corporation, 1998. All rights reserved. 14 Controlling User Access.

Copyright س Oracle Corporation, All rights reserved. 14 Controlling User Access.
Week 6 Lecture 2 System and Object Privileges. Learning Objectives  Identify and manage system and object privileges  Grant and revoke privileges to.

Week 6 Lecture 2 System and Object Privileges. Learning Objectives  Identify and manage system and object privileges  Grant and revoke privileges to.
To Presentation on SECURITY By Office of the A.G. (A&E) Punjab, Chandigarh.

To Presentation on SECURITY By Office of the A.G. (A&E) Punjab, Chandigarh.
Week 7 Lecture 1 Database Roles. Learning Objectives  Discover when and why to use roles  Learn how to create, modify, and remove roles  Learn how.

Week 7 Lecture 1 Database Roles. Learning Objectives  Discover when and why to use roles  Learn how to create, modify, and remove roles  Learn how.
I NTRODUCTION OF W EEK 7  Assignment Discussion  Graded: 3-1-2 (Creation of Database) (All submitted!)  Naming standard, Logical to physical design.

I NTRODUCTION OF W EEK 7  Assignment Discussion  Graded: (Creation of Database) (All submitted!)  Naming standard, Logical to physical design.

Similar presentations

Ads by Google