 |
|
Oracle Tips by Burleson |
Chapter 2 Introduction
to Oracle Security
However, doesn't it become tedious to grant
specific privileges to all the defined users in the system? Yes, it
does. To alleviate the inconvenience, Oracle allows privileges to be
granted to roles, which can then be granted to users. Roles will be
defined later in this chapter.
Grant users only the privileges necessary
for them to perform their role, no more than that. Document the
granted privileges and review them from time to time to find
potential problems.
One important aspect to remember in this type
of security arrangement is that access is made to the entire table.
In the above example, JUDY is allowed to see all the rows of the
table CLAIMS. If that is not desirable, rows can be selectively
displayed with some filtering criteria using views or a more
sophisticated setup called Virtual Private Database, explained
later.
Object
Masquerading
Inside the museum, there is an exhibit on
butterflies of all shapes and sizes mounted on glass plates. A
particular butterfly catches John’s attention. It is beautiful, but
there is something odd about it. A museum tour guide approaches John
and Jeff and asks them to read the little story on the mounted
display case. The butterfly, according to the card, is not a
butterfly at all, it is a spider masquerading as one! This way, the
other butterflies come near it and get caught in its sticky web.
Camouflage is a trick that has been
used since time immortal by all types of living creatures. Some use
it for hunting, and some for protection from these hunters.
The above text is
an excerpt from:
Oracle Privacy Security Auditing
The
Final Word on Oracle Security
This is the only authoritative
book on Oracle Security, Oracle Privacy, and Oracle Auditing written
by two of the world’s leading Oracle Security experts.
This indispensable book is only $39.95 and has an
immediate download of working security scripts:
http://rampant-books.com/book_2003_2_audit.htm |
