ITPub博客

首页 > Linux操作系统 > Linux操作系统 > Write a simple security audit script for Oracle

Write a simple security audit script for Oracle

原创 Linux操作系统 作者:yanggq 时间:2019-07-22 15:57:02 0 删除 编辑
For Oracle Security

Those who are familiar with the Oracle data dictionary can use the dictionary to find out if their database has any security exposures. Here are some common queries that are used to audit Oracle security.

1. Search for any system privileges that are granted WITH ADMIN OPTION - Privileges that are granted WITH ADMIN can be passed to other users. Hence, many companies prohibit this option, and others check to ensure that all user ID’s are proper. The information for this is located in the DBA_SYS_PRIVS view, and here is the code to do this.

select

grantee,

privilege,

admin_option

from

sys.dba_sys_privs

where

admin_option = 'YES'

and

grantee not in (‘SYS’,’SYSTEM’, etc);

2. Search for any end-users with system privileges - Users with system-level privileges may have access to unwanted areas of the database. For example the “select any table” system privilege may allow unwanted access to a user.

来自 “ ITPUB博客 ” ,链接:http://blog.itpub.net/26706/viewspace-64597/,如需转载,请注明出处,否则将追究法律责任。

请登录后发表评论 登录
全部评论

注册时间:2002-10-29

  • 博文量
    78
  • 访问量
    50508