Permission management for Oracle Security Management

Permission management
Permission management overview
In Oracle, user permissions are divided into system permissions and object permissions.

System permission: indicates the permission to perform an operation at the database level, such as create session permission and create any table permission.

Object permission: the permission to perform certain operations on a specific database object, such as adding, deleting, modifying, and querying permissions on the table.

You can grant permissions to a user in either of the following ways:

(1) Direct authorization: Use the grant command to directly authorize the user

(2) indirect authorization: grant permissions to the role first, and then grant the role to the user.

DBA permission control includes:

• Provide users with the permission to perform certain operations

• Grant and revoke system function execution Permissions

• Grant permissions directly to users or roles

• Grant permissions to all users (PUBLIC)

1. system permission management
1. system permission Classification
In oracle databases, there are more than one hundred system permissions. Users, roles, public user groups,

Note: A User Group is automatically created when a database is created when a public user group is created. All users in the database belong to this user group. If a permission is granted to a public user group, all users in the database have the permission.

Common system permissions include:

CREATE SESSION

CREATE SEQUENCE

CREATE SYNONYM

Create table in user mode

Create any table create a TABLE in ANY mode

Drop table delete TABLE in user mode

Drop any table delete a TABLE in ANY mode

CREATE PROCEDURE

EXECUTE ANY PROCEDURE

CREATE USER

Drop user delete USER

CREATE VIEW

1 2 3 4 Next Page