I am currently searching for a table that contains all privileges that can be granted on a SAP HANA DB.
I was looking for a view similar to the V$OBJECT_PRIVILEGE on ORACLE DB.
Does it even exists?
Kind regards,
Sam
The V$OBJECT_PRIVILEGE covers only the privileges related to objects (e.g. 'CREATE SESSION' wouldn't be in there).
For SAP HANA you'll find all the possible privileges in the documentation, e.g. here http://help.sap.com/saphelp_hanaplatform/helpdata/en/20/f674e1751910148a8b990d33efbdc5/content.htm
Lars
Not sure if really all privileges are listed here - but have a look at the GRANTED_PRIVILEGES system view.
Related
I have 5 views in my Oracle database schema. And i need to provide read only access to only one view for user.
I am thinking below approach but not sure if its possible as i am not good in dba part.
a) Create a new user or the corresponding business role APP_ROLE and assign "CREATE SESSION" rights.
b) GRANT SELECT ON <view> TO {APP | APP_ROLE}
In actual oracle versions (>=12.1.0.2) it's better to use read privilege:
New features 12.1.0.2
READ Object Privilege in Oracle Database 12c Release 1 (12.1.0.2)
On previous versions - yes, grant select is fine.
I've installed Oracle APEX 19.2, on database 12.2. And I don't know how to use tables which exist in database. For instance, I have table 'test' in database and I can't use this table in app builder. I searched in google, but I couldn't find appropriate answer.
Thanks in advance
When you create a workspace, you have to "pair" database users (schemas) with your workspace. It is done in administrative part of Apex (you have to log in as ADMIN).
Once you do that, you'll be able to see tables owned by that user.
I'm using Oracle's 10g version.
In the database, I would like to create a configuration table and fill it with data.
Then the other users can not change anything in it, and even better that it was not at all visible to other users. Is it possible to somehow hide the table?
Regards
Create a separate schema for that table. Create a package that provides an API to your configuration data (e.g. to get a value that is needed by another program).
Revoke CREATE SESSION privilege from that schema (i.e. just don't grant any privileges to the schema at all). Don't grant any privileges on the table. The only users who will be able to see the table are those with DBA privileges.
The only thing that database sessions will be able to do is execute the package, IF they have been granted EXECUTE privilege on it.
If you do not grant enough privileges to other users, they could not see your objects.
For our application we're using outsorced Oracle administration. Now we'd like to prevent external oracle administrator from changing our data (DELETE, INSERT, UPDATE).
Is there any way how to do it?
Is there possible to REVOKE eg. UPDATE ANY TABLE to SYS account and is this sufficient?
I have read the Oracle Security Guide but haven't found anything. Only a statement: Do not use a DBA role which contains eg. the UPDATE ANY TABLE privilege.
I see I also should REVOKE GRANT ANY PRIVILEGE ...
Simply I'd need a complex guide how to do it and I'm not able to find any document about it.
Thanks
I have an oracle graphics application that works with a 10G database, however with a 11G DB it doesnt as it refuses to see some tables in the DB, i think it has to do with privelages and roles. Does anyone know how to grant roles in the graphics program. I was thinking that at in the OPEN TRIGGER i can grant the tables to public , eg: GRANT ALTER, DELETE, INDEX, INSERT, REFERENCES, SELECT, UPDATE ON GENDBA.SUPLOCATIONS TO PUBLIC; and in the close trigger i can revoke the grant therby retaining the security of the DB tables.
Can anyone out there help me?
thanks tbone. what we have done is gotten scripts to block access to the database from toad , sqtools etc and all similar programs so users wouldnt be able to access the database (only given them forms access) and removed the passwords from all the tables. well something like that and the graphics seem to work. Thanks guys