| Security Advisory |
System privileges are privileges that do not relate to a specific schema object but, instead, relate to a class of objects, for example SELECT ANY TABLE,
or an action a user or application can engage in while connected to the database, for example CREATE TABLE.
Real Application Security (RAS) Privileges are a independent and have no direct relationship to the more traditional privileges.
They may, if utilized correctly, offer a substantial security benefit ... but the operative phrase is "utilized correctly" because we can find nowhere in the documentation where that subject is covered. |
| Recommended Security Rules |
NEVER
- Grant a privilege, RAS or otherwise, to any user or schema if you do not understand the full scope of what the privilege grants
WITH GREAT CARE AFTER READING THE DOCS and FULLY APPRECIATING THE RISKS
- Grant the minimum privileges required for a user to perform required functions
CAUTIONS
- Never grant a privilege without having in the same scope defined how its usage will be audited and a regular review process to determine whether the grant is still required
|
| Data Dictionary Objects |
| XS$AGGR_PRIV |
XS$OBJ |
XS$PRIV |
| |
|
|
|
| List all System Privileges |
SELECT name
FROM xs$obj
WHERE type = 4
ORDER BY 1;
col description format a67
SELECT o.name, p.description
FROM xs$obj o, xs$priv p
WHERE o.id = p.priv#
ORDER BY 1;
NAME DESCRIPTION
------------------------------
-------------------------------------------------------
ADMINISTER_SESSION Privilege for session administration
ADMIN_ANY_NAMESPACE Privilege for administering any namespace
ADMIN_ANY_SEC_POLICY Privilege for any administrative operation
ADMIN_NAMESPACE Privilege for namespace administration
ADMIN_SEC_POLICY Privilege for administering objects under a particular schema
ALL All Privileges
APPLY_SEC_POLICY Privilege for enforcing policies
ASSIGN_USER Priv. to assign user to an anonymous light weight user session
ATTACH_SESSION Privilege to attach to a light weight user session
CALLBACK Privilege to register and update event handlers
CONNECT Privilege to open a connection to a network host
CREATE_SESSION Privilege to create a light weight user session
CREATE_TRUSTED_SESSION Privilege to create a trusted light weight user session
DELETE Delete Privilege
HTTP Privilege to make a HTTP request to a host
HTTP_PROXY Privilege to make a HTTP request via a proxy
INSERT Insert Privilege
JDWP Privilege to connect to a JDWP debugger at a host
MODIFY_ATTRIBUTE Modify Attribute Privilege
MODIFY_NAMESPACE Modify Namespace Privilege
MODIFY_SESSION Privilege to modify contents of a light weight user session
PDBPROD
PROVISION Privilege for updating principal documents from FIDM
RESOLVE Privilege to resolve a network host name or address
SELECT Select Privilege
SET_DYNAMIC_ROLES Privilege to enable or disable dynamic roles in session
SMTP Privilege to send SMTP to a host
TERMINATE_SESSION Privilege to terminate a light weight user session
UPDATE Update Privilege
USE_CLIENT_CERTIFICATES Privilege to use client certificates in a wallet
USE_PASSWORDS Privilege to use password credentials in a wallet
SELECT id, name
FROM xs$obj
WHERE id IN (2147493784, 2147493786);
ID NAME
---------- ------------------------------
2147493784 VIEW_SENSITIVE_INFO
2147493786 UPDATE_INFO |
| |
| Session Privileges |
| ??? |
| The following are RAS session privileges ... privileges that impact what a session can and cannot do |
- CONNECT
- DELETE
- INSERT
- SELECT
- UPDATE
|
| The code at right should be run daily or |
??? |
| |
| System Privileges |
| ??? |
| Administer |
- ADMINISTER_SESSION
- ADMIN_ANY_NAMESPACE
- ADMIN_ANY_SEC_POLICY
- ADMIN_SEC_POLICY
|
| Apply |
|
| Miscellaneous |
- CALLBACK
- PROVISION
- SET_DYNAMIC_ROLES
|
| Namespace |
|
| Security Policy |
- ADMIN_ANY_SEC_POLICY
- ADMIN_SEC_POLICY
- APPLY_SEC_POLICY
|
| Session |
- ADMINISTER_SESSION
- ATTACH_SESSION
- CREATE_SESSION
- CREATE_TRUSTED_SESSION
- MODIFY_SESSION
- TERMINATE_SESSION
|
| User |
- ADMIN_ANY_SEC_POLICY
- ASSIGN_USER
|
| |
| Other Privileges |
| ??? |
| The following are RAS privileges defined in the data dictionary ??? |
- ALL
- ADMIN_NAMESPACE
- HTTP
- HTTP_PROXY
- JDWP
- MODIFY_ATTRIBUTE
- MODIFY_NAMESPACE
- PDBPROD
- RESOLVE
- SMTP
- UPDATE_INFO
- USE_CLIENT_CERTIFICATES
- USE_PASSWORDS
- VIEW_SENSITIVE_INFO
|
| |
| |