 |
|
Oracle Tips by Burleson |
Chapter 8 General Oracle Auditing
The user then issues the following statement to
create a table claim_master in its own schema:
create table
claim_schema.claim_master (………);
In this second statement, the user does not use
CREATE ANY TABLE, but CREATE TABLE.
If the auditing options are set for CREATE ANY
TABLE and not CREATE TABLE, only the first statement will be
audited, not the second.
Let’s see the effects of the privileges used in
auditing. In this example the user CLAIM_SCHEMA creates a table as:
create table sometab1 (col1 number);
Now, the user ALLPOWERFUL creates another table
in CLAIM_SCHEMA’s schema as follows.
create table claim_schema.sometab2 (col1
number);
Since the user has the CREATE ANY TABLE system
privilege, he can create a table in any other user’s schema.
Note the important point here. The owner of
both these new tables is CLAIM_SCHEMA, although one is created by
ALLPOWERFUL. Since we have set up auditing on the privilege CREATE
ANY TABLE and that was precisely what the user used, the audit
records for these two actions will be different.
The above text is
an excerpt from:
Oracle Privacy Security Auditing
The
Final Word on Oracle Security
This is the only authoritative
book on Oracle Security, Oracle Privacy, and Oracle Auditing written
by two of the world’s leading Oracle Security experts.
This indispensable book is only $39.95 and has an
immediate download of working security scripts:
http://rampant-books.com/book_2003_2_audit.htm
|
Download your Oracle scripts now:
www.oracle-script.com
The
definitive Oracle Script collection for every Oracle professional DBA
|
|
