I. Permission classification:
System permission: a permission, defined by the system, that allows a user to use the database. (System permissions apply to users.)
Object permission: a permission that allows a user to access tables or views owned by other users. (Object permissions apply to tables or views.)
II. System permission management:
1. System permission classification:
DBA: has all privileges and is the highest system permission. Only a DBA can create a database structure.
RESOURCE: users with the RESOURCE permission can only create entities; they cannot create database structures.
CONNECT: users with the CONNECT permission can only log on to Oracle; they cannot create entities or database structures.
For normal users: grant connect and resource permissions.
For DBA management users: grant the connect, resource, and dba permissions.
2. System permission authorization command:
[System permissions can only be granted by DBA users: sys and system (at the beginning, only these two users can grant them)]
Authorization command: SQL> grant connect, resource, dba to username1 [, username2]...;
[Through authorization, normal users can have the same permissions as the system user, but they can never have the same permissions as the sys user. The system user's permissions can also be revoked.]
Example:
SQL> connect system/manager
SQL> create user user50 identified by user50;
SQL> grant connect, resource to user50;
Query the permissions of a user:
SQL> select * from dba_role_privs;
SQL> select * from dba_sys_privs;
SQL> select * from role_sys_privs;
Delete a user: SQL> drop user username cascade; // Adding cascade deletes the user together with everything the user created.
3. Pass on system permissions:
If with admin option is added to the grant, the recipient can pass the obtained permissions on to other users.
SQL> grant connect, resource to user50 with admin option; // user50 can pass on the obtained permissions.
4. Revoke system permissions: only DBA users can revoke system permissions.
Command: SQL> Revoke connect, resource from user50;
Note:
1) If system permissions were granted to a user with admin option, and that user then granted the same permissions to other users, revoking the user's system permissions does not cascade to those other users.
2) Revoking system permissions does not cascade: if A grants permissions to B and B grants them to C, then when A revokes B's permissions, C's permissions are not affected. System permissions can be revoked across users, that is, A can directly revoke the permissions of user C.
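The A, B, C case from the notes above, followed by an audit query for grants that can be passed on. This is an added example, not part of the original page. The users user_b and user_c and their passwords are constructed placeholders, and it assumes SQL*Plus on a non-CDB (or a PDB) with the system account used earlier.

```sql
-- Added example; user_b, user_c and their passwords are constructed placeholders.
connect system/manager
create user user_b identified by ChangeMe_b1;
create user user_c identified by ChangeMe_c1;

-- A (system) grants CONNECT to B and lets B pass it on.
grant connect to user_b with admin option;

-- B passes the role on to C.
connect user_b/ChangeMe_b1
grant connect to user_c;

-- A revokes from B only.
connect system/manager
revoke connect from user_b;

-- C still holds CONNECT: the revoke did not cascade.
select grantee, granted_role, admin_option
  from dba_role_privs
 where grantee in ('USER_B', 'USER_C');

-- A can revoke from C directly, even though B made the grant.
revoke connect from user_c;

-- Audit: every grantee that is able to pass a role or system privilege on.
-- Each row is a grant whose later re-grants survive a revoke from the grantee.
select grantee, granted_role as granted, 'ROLE' as kind
  from dba_role_privs
 where admin_option = 'YES'
union all
select grantee, privilege, 'SYSTEM PRIVILEGE'
  from dba_sys_privs
 where admin_option = 'YES'
 order by 1, 3, 2;

-- Clean up the constructed users.
drop user user_b cascade;
drop user user_c cascade;
```

Because a revoke does not follow the chain, removing access from a user who held with admin option also means checking dba_role_privs and dba_sys_privs for the grants that user made.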