1. Search for any system privileges that are granted WITH ADMIN OPTION - Privileges that are granted WITH ADMIN can be passed to other users. Hence, many companies prohibit this option, and others check to ensure that all user ID’s are proper. The information for this is located in the DBA_SYS_PRIVS view, and here is the code to do this.
admin_option = 'YES'
grantee not in (‘SYS’,’SYSTEM’, etc);
2. Search for any end-users with system privileges - Users with system-level privileges may have access to unwanted areas of the database. For example the “select any table” system privilege may allow unwanted access to a user.
来自 “ ITPUB博客 ” ，链接：http://blog.itpub.net/26706/viewspace-64597/，如需转载，请注明出处，否则将追究法律责任。