禁止向public用户授予对象权限
配置说明:
public用户属于任何用户,为了保障数据库的数据安全,禁止向public用户授予对象权限。
配置方法:
REVOKE ALL ON object_name FROM public;
推荐值:无
检查方法:
SELECT * FROM ADM_TAB_PRIVS WHERE GRANTEE='PUBLIC';
预期结果:只有系统默认授予的权限,如表1 public用户系统默认授予的权限所示 。
风险等级:中
表1 public用户系统默认授予的权限 受权者
对象所属用户名
对象名称
对象类型
权限
GRANT选项。拥有此选项的用户才能给其他的用户授予该权限。
PUBLIC
SYS
ADM_2PC_PENDING
VIEW
SELECT
NO
PUBLIC
SYS
DB_ARGUMENTS
VIEW
SELECT
NO
PUBLIC
SYS
DB_COL_COMMENTS
VIEW
SELECT
NO
PUBLIC
SYS
DB_CONSTRAINTS
VIEW
SELECT
NO
PUBLIC
SYS
DB_DBLINK_TABLES
VIEW
SELECT
NO
PUBLIC
SYS
DB_DBLINK_TAB_COLUMNS
VIEW
SELECT
NO
PUBLIC
SYS
DB_DEPENDENCIES
VIEW
SELECT
NO
PUBLIC
SYS
DB_VIEW_DEPENDENCIES
VIEW
SELECT
NO
PUBLIC
SYS
DB_DISTRIBUTE_RULES
VIEW
SELECT
NO
PUBLIC
SYS
DB_DIST_RULE_COLS
VIEW
SELECT
NO
PUBLIC
SYS
DB_HISTOGRAMS
VIEW
SELECT
NO
PUBLIC
SYS
DB_INDEXES
VIEW
SELECT
NO
PUBLIC
SYS
DB_IND_COLUMNS
VIEW
SELECT
NO
PUBLIC
SYS
DB_IND_PARTITIONS
VIEW
SELECT
NO
PUBLIC
SYS
DB_NODE_INFO
VIEW
SELECT
NO
PUBLIC
SYS
DB_OBJECTS
VIEW
SELECT
NO
PUBLIC
SYS
DB_PART_COL_STATISTICS
VIEW
SELECT
NO
PUBLIC
SYS
DB_PART_KEY_COLUMNS
VIEW
SELECT
NO
PUBLIC
SYS
DB_PART_STORE
VIEW
SELECT
NO
PUBLIC
SYS
DB_PART_TABLES
VIEW
SELECT
NO
PUBLIC
SYS
DB_PROCEDURES
VIEW
SELECT
NO
PUBLIC
SYS
DB_SEQUENCES
VIEW
SELECT
NO
PUBLIC
SYS
DB_SOURCE
VIEW
SELECT
NO
PUBLIC
SYS
DB_SYNONYMS
VIEW
SELECT
NO
PUBLIC
SYS
DB_TABLES
VIEW
SELECT
NO
PUBLIC
SYS
DB_TAB_COLS
VIEW
SELECT
NO
PUBLIC
SYS
DB_TAB_COLUMNS
VIEW
SELECT
NO
PUBLIC
SYS
DB_TAB_COL_STATISTICS
VIEW
SELECT
NO
PUBLIC
SYS
DB_TAB_COMMENTS
VIEW
SELECT
NO
PUBLIC
SYS
DB_TAB_DISTRIBUTE
VIEW
SELECT
NO
PUBLIC
SYS
DB_TAB_PARTITIONS
VIEW
SELECT
NO
PUBLIC
SYS
DB_TAB_STATISTICS
VIEW
SELECT
NO
PUBLIC
SYS
DB_TRIGGERS
VIEW
SELECT
NO
PUBLIC
SYS
DB_VIEWS
VIEW
SELECT
NO
PUBLIC
SYS
DB_VIEW_COLUMNS
VIEW
SELECT
NO
PUBLIC
SYS
DBMS_DEBUG
PROCEDURE
EXECUTE
NO
PUBLIC
SYS
DBMS_LOB
PROCEDURE
EXECUTE
NO
PUBLIC
SYS
DBMS_OUTPUT
PROCEDURE
EXECUTE
NO
PUBLIC
SYS
DBMS_RAFT
PROCEDURE
EXECUTE
NO
PUBLIC
SYS
DBMS_RANDOM
PROCEDURE
EXECUTE
NO
PUBLIC
SYS
DBMS_SQL
PROCEDURE
EXECUTE
NO
PUBLIC
SYS
DBMS_STANDARD
PROCEDURE
EXECUTE
NO
PUBLIC
SYS
DBMS_STATS
PROCEDURE
EXECUTE
NO
PUBLIC
SYS
DBMS_UTILITY
PROCEDURE
EXECUTE
NO
PUBLIC
SYS
DB_VIEW_DEPENDENCIES
VIEW
SELECT
NO
PUBLIC
SYS
DV_CONNPOOL_STATS
VIEW
SELECT
NO
PUBLIC
SYS
SYS_DUMMY
TABLE
SELECT
NO
PUBLIC
SYS
NLS_SESSION_PARAMETERS
VIEW
SELECT
NO
PUBLIC
SYS
ROLE_SYS_PRIVS
VIEW
SELECT
NO
PUBLIC
SYS
MY_ARGUMENTS
VIEW
SELECT
NO
PUBLIC
SYS
MY_COL_COMMENTS
VIEW
SELECT
NO
PUBLIC
SYS
MY_CONSTRAINTS
VIEW
SELECT
NO
PUBLIC
SYS
MY_CONS_COLUMNS
VIEW
SELECT
NO
PUBLIC
SYS
MY_DEPENDENCIES
VIEW
SELECT
NO
PUBLIC
SYS
MY_FREE_SPACE
VIEW
SELECT
NO
PUBLIC
SYS
MY_HISTOGRAMS
VIEW
SELECT
NO
PUBLIC
SYS
MY_INDEXES
VIEW
SELECT
NO
PUBLIC
SYS
MY_IND_COLUMNS
VIEW
SELECT
NO
PUBLIC
SYS
MY_IND_PARTITIONS
VIEW
SELECT
NO
PUBLIC
SYS
MY_IND_STATISTICS
VIEW
SELECT
NO
PUBLIC
SYS
MY_JOBS
VIEW
SELECT
NO
PUBLIC
SYS
DB_NODE_INFO
VIEW
SELECT
NO
PUBLIC
SYS
MY_OBJECTS
VIEW
SELECT
NO
PUBLIC
SYS
MY_PART_COL_STATISTICS
VIEW
SELECT
NO
PUBLIC
SYS
MY_PART_KEY_COLUMNS
VIEW
SELECT
NO
PUBLIC
SYS
MY_PART_STORE
VIEW
SELECT
NO
PUBLIC
SYS
MY_PART_TABLES
VIEW
SELECT
NO
PUBLIC
SYS
MY_PROCEDURES
VIEW
SELECT
NO
PUBLIC
SYS
MY_ROLE_PRIVS
VIEW
SELECT
NO
PUBLIC
SYS
MY_SEGMENTS
VIEW
SELECT
NO
PUBLIC
SYS
MY_SEQUENCES
VIEW
SELECT
NO
PUBLIC
SYS
MY_SOURCE
VIEW
SELECT
NO
PUBLIC
SYS
MY_SQL_MAPS
VIEW
SELECT
NO
PUBLIC
SYS
MY_SYNONYMS
VIEW
SELECT
NO
PUBLIC
SYS
MY_SYS_PRIVS
VIEW
SELECT
NO
PUBLIC
SYS
MY_TABLES
VIEW
SELECT
NO
PUBLIC
SYS
MY_TAB_COLS
VIEW
SELECT
NO
PUBLIC
SYS
MY_TAB_COLUMNS
VIEW
SELECT
NO
PUBLIC
SYS
MY_TAB_COL_STATISTICS
VIEW
SELECT
NO
PUBLIC
SYS
MY_TAB_COMMENTS
VIEW
SELECT
NO
PUBLIC
SYS
MY_TAB_DISTRIBUTE
VIEW
SELECT
NO
PUBLIC
SYS
MY_TAB_MODIFICATIONS
VIEW
SELECT
NO
PUBLIC
SYS
MY_TAB_PARTITIONS
VIEW
SELECT
NO
PUBLIC
SYS
MY_TAB_PRIVS
VIEW
SELECT
NO
PUBLIC
SYS
MY_TAB_STATISTICS
VIEW
SELECT
NO
PUBLIC
SYS
MY_TRIGGERS
VIEW
SELECT
NO
PUBLIC
SYS
MY_USERS
VIEW
SELECT
NO
PUBLIC
SYS
MY_VIEWS
VIEW
SELECT
NO
PUBLIC
SYS
MY_VIEW_COLUMNS
VIEW
SELECT
NO
PUBLIC
SYS
DV_ME
VIEW
SELECT
NO
PUBLIC
SYS
DV_USER_PARAMETERS
VIEW
SELECT
NO
「喜欢这篇文章,您的关注和赞赏是给作者最好的鼓励」关注作者【版权声明】本文为墨天轮用户原创内容,转载时必须标注文章的来源(墨天轮),文章链接,文章作者等基本信息,否则作者和墨天轮有权追究责任。如果您发现墨天轮中有涉嫌抄袭或者侵权的内容,欢迎发送邮件至:contact@modb.pro进行举报,并提供相关证据,一经查实,墨天轮将立刻删除相关内容。评论