SQL> select * from v$version;BANNER
----------------------------------------------------------------
Oracle Database 10g Enterprise Edition Release 10.2.0.1.0 - Prod
PL/SQL Release 10.2.0.1.0 - Production
CORE 10.2.0.1.0 Production
TNS for Linux: Version 10.2.0.1.0 - Production
NLSRTL Version 10.2.0.1.0 - ProductionSQL> set pages 50
SQL> select * from dba_roles;ROLE PASSWORD
------------------------------ --------
CONNECT NO
RESOURCE NO
DBA NO
SELECT_CATALOG_ROLE NO
EXECUTE_CATALOG_ROLE NO
DELETE_CATALOG_ROLE NO
EXP_FULL_DATABASE NO
IMP_FULL_DATABASE NO
RECOVERY_CATALOG_OWNER NO
GATHER_SYSTEM_STATISTICS NO
LOGSTDBY_ADMINISTRATOR NO
AQ_ADMINISTRATOR_ROLE NO
AQ_USER_ROLE NO
GLOBAL_AQ_USER_ROLE GLOBAL
SCHEDULER_ADMIN NO
HS_ADMIN_ROLE NO
OEM_ADVISOR NO
OEM_MONITOR NO
MGMT_USER NO
PLUSTRACE NO20 rows selected.SQL> 1. CONNECT
2. RESOURCE
3. DBA
4. EXP_FULL_DATABASE
5. IMP_FULL_DATABASE
6. DELETE_CATALOG_ROLE
7. EXECUTE_CATALOG_ROLE
8. SELECT_CATALOG_ROLE1-3是为了同ORACLE老版本中的概念相兼容而提供的,不能只依赖于这些ROLE
4-5是为了使用Import和Export实用程序的方便而提供的
6-8是为了数据字典视图和包的卸载而提供的1.CONNECT 角色, 是授予最终用户的典型权利,最基本的SQL> select * from dba_sys_privs where grantee = "CONNECT"; --系统权限GRANTEE PRIVILEGE ADM
------------------------------ ---------------------------------------- ---
CONNECT CREATE SESSION NOSQL> select * from dba_tab_privs where grantee = "CONNECT"; --对象权限no rows selectedSQL> select * from dba_role_privs where grantee = "CONNECT"; --角色权限no rows selectedSQL> 2.RESOURCE 角色, 是授予开发人员的SQL> select * from dba_sys_privs where grantee = "RESOURCE";GRANTEE PRIVILEGE ADM
------------------------------ ---------------------------------------- ---
RESOURCE CREATE TRIGGER NO
RESOURCE CREATE SEQUENCE NO
RESOURCE CREATE TYPE NO
RESOURCE CREATE PROCEDURE NO
RESOURCE CREATE CLUSTER NO
RESOURCE CREATE OPERATOR NO
RESOURCE CREATE INDEXTYPE NO
RESOURCE CREATE TABLE NO8 rows selected.SQL> select * from dba_tab_privs where grantee = "RESOURCE";no rows selectedSQL> select * from dba_role_privs where grantee = "RESOURCE";no rows selectedSQL> 3.DBA 角色, 拥有系统所有系统级权限SQL> select count(*) from dba_sys_privs where grantee = "DBA"; COUNT(*)
----------
160SQL> select count(*) from dba_tab_privs where grantee = "DBA";COUNT(*)
----------
38SQL> select * from dba_role_privs where grantee = "DBA";GRANTEE GRANTED_ROLE ADM DEF
------------------------------ ------------------------------ --- ---
DBA SCHEDULER_ADMIN YES YES
DBA EXECUTE_CATALOG_ROLE YES YES
DBA DELETE_CATALOG_ROLE YES YES
DBA PLUSTRACE YES YES
DBA SELECT_CATALOG_ROLE YES YES
DBA EXP_FULL_DATABASE NO YES
DBA GATHER_SYSTEM_STATISTICS NO YES
DBA IMP_FULL_DATABASE NO YES8 rows selected.SQL> 4.IMP_FULL_DATABASE 角色SQL> select count(*) from dba_sys_privs where grantee = "IMP_FULL_DATABASE";COUNT(*)
----------
68SQL> select count(*) from dba_tab_privs where grantee = "IMP_FULL_DATABASE";COUNT(*)
----------
14SQL> select * from dba_role_privs where grantee = "IMP_FULL_DATABASE";GRANTEE GRANTED_ROLE ADM DEF
------------------------------ ------------------------------ --- ---
IMP_FULL_DATABASE EXECUTE_CATALOG_ROLE NO YES
IMP_FULL_DATABASE SELECT_CATALOG_ROLE NO YESSQL> 5.EXP_FULL_DATABASE 角色SQL> select * from dba_sys_privs where grantee = "EXP_FULL_DATABASE";GRANTEE PRIVILEGE ADM
------------------------------ ---------------------------------------- ---
EXP_FULL_DATABASE READ ANY FILE GROUP NO
EXP_FULL_DATABASE RESUMABLE NO
EXP_FULL_DATABASE EXECUTE ANY PROCEDURE NO
EXP_FULL_DATABASE EXECUTE ANY TYPE NO
EXP_FULL_DATABASE SELECT ANY TABLE NO
EXP_FULL_DATABASE ADMINISTER RESOURCE MANAGER NO
EXP_FULL_DATABASE BACKUP ANY TABLE NO
EXP_FULL_DATABASE SELECT ANY SEQUENCE NO8 rows selected.SQL> select count(*) from dba_tab_privs where grantee = "EXP_FULL_DATABASE";COUNT(*)
----------
39SQL> select * from dba_role_privs where grantee = "EXP_FULL_DATABASE";GRANTEE GRANTED_ROLE ADM DEF
------------------------------ ------------------------------ --- ---
EXP_FULL_DATABASE EXECUTE_CATALOG_ROLE NO YES
EXP_FULL_DATABASE SELECT_CATALOG_ROLE NO YESSQL> 6.DELETE_CATALOG_ROLE 角色这个角色是Oracle8新增加的,如果授予用户这个角色,用户就可以从表sys.aud$和FGA_LOG$中删除记录,sys.aud$和FGA_LOG$表中记录着审计后的记录,使用这个角色可以简化审计踪迹管理。SQL> select * from dba_sys_privs where grantee = "DELETE_CATALOG_ROLE";no rows selectedSQL> select owner, table_name, privilege, grantable from dba_tab_privs where grantee = "DELETE_CATALOG_ROLE";OWNER TABLE_NAME PRIVILEGE GRA
------------------------------ ------------------------------ ---------------------------------------- ---
SYS AUD$ DELETE NO
SYS FGA_LOG$ DELETE NOSQL> select * from dba_role_privs where grantee = "DELETE_CATALOG_ROLE";no rows selectedSQL> 7.SELECT_CATALOG_ROLE 角色, 具有从数据字典查询的权利SQL> select * from dba_sys_privs where grantee = "SELECT_CATALOG_ROLE";no rows selectedSQL> select count(*) from dba_tab_privs where grantee = "SELECT_CATALOG_ROLE";COUNT(*)
----------
1671SQL> select * from dba_role_privs where grantee = "SELECT_CATALOG_ROLE";GRANTEE GRANTED_ROLE ADM DEF
------------------------------ ------------------------------ --- ---
SELECT_CATALOG_ROLE HS_ADMIN_ROLE NO YES--进一步看看HS_ADMIN_ROLE角色SQL> select * from dba_sys_privs where grantee = "HS_ADMIN_ROLE";no rows selectedSQL> select owner, table_name, privilege, grantable from dba_tab_privs where grantee = "HS_ADMIN_ROLE";OWNER TABLE_NAME PRIVILEGE GRA
------------------------------ ------------------------------ ---------------------------------------- ---
SYS HS_FDS_CLASS SELECT NO
SYS HS_FDS_INST SELECT NO
SYS HS_BASE_CAPS SELECT NO
SYS HS_CLASS_CAPS SELECT NO
SYS HS_INST_CAPS SELECT NO
SYS HS_BASE_DD SELECT NO
SYS HS_CLASS_DD SELECT NO
SYS HS_INST_DD SELECT NO
SYS HS_CLASS_INIT SELECT NO
SYS HS_INST_INIT SELECT NO
SYS HS_ALL_CAPS SELECT NO
SYS HS_ALL_DD SELECT NO
SYS HS_ALL_INITS SELECT NO
SYS HS_FDS_CLASS_DATE SELECT NO
SYS DBMS_HS EXECUTE NO15 rows selected.SQL> select * from dba_role_privs where grantee = "HS_ADMIN_ROLE";no rows selectedSQL> 8.EXECUTE_CATALOG_ROLE 角色, 具有从数据字典中执行部分过程和函数的权利SQL> select * from dba_sys_privs where grantee = "EXECUTE_CATALOG_ROLE";no rows selectedSQL> select count(*) from dba_tab_privs where grantee = "EXECUTE_CATALOG_ROLE";COUNT(*)
----------
77SQL> select * from dba_role_privs where grantee = "EXECUTE_CATALOG_ROLE";GRANTEE GRANTED_ROLE ADM DEF
------------------------------ ------------------------------ --- ---
EXECUTE_CATALOG_ROLE HS_ADMIN_ROLE NO YESSQL> --End--phpMyadmin中编辑用户权限Oracle 11gR2 netca 无法启动出错解决相关资讯 oracle
- [INS-32052] Oracle基目录和Oracle (07/22/2014 07:41:41)
- Oracle 4个大对象(lobs)数据类型 (02/03/2013 12:33:05)
- Oracle按时间段分组统计 (07/26/2012 10:36:48)
| - [Oracle] dbms_metadata.get_ddl的 (07/12/2013 07:37:30)
- Liferay Portal 配置使用Oracle和 (07/31/2012 20:07:18)
- Concurrent Request:Inactive (07/20/2012 07:44:05)
|
本文评论 查看全部评论 (0)
易网时代-编程资源站