Results 1 to 4 of 4

Thread: Public

  1. #1
    Join Date
    Aug 2009
    Posts
    17

    Unanswered: Public

    Which objects, besides UTL_SMTP, UTL_TCP, UTL_HTTP, UTL_FILE and DBMS_RANDOM, shouldn't have PUBLIC access?

  2. #2
    Join Date
    Jul 2003
    Posts
    2,296
    none of those should. I guess it depends on your security standards.
    from an auditor's perspective they frown upon (report) anything granted to public.
    - The_Duck
    you can lead someone to something but they will never learn anything ...

  3. #3
    Join Date
    Jul 2006
    Posts
    49
    Take care when revoking Oracle's internal grants from public. For example, in some versions of Oracle revoking execute on UTL_RAW from PUBLIC can cause the export utility to produces ORA-904 errors. Before revoking permissions on a package you need to determine if anyone needs those permissions. Oracle Note 247093.1 "Be Cautious When Revoking Privileges Granted to PUBLIC" can be helpful in this regard. Also see Oracle Note 234551.1, "PUBLIC : Is it a User, a Role, a User Group, a Privilege ?"

  4. #4
    Join Date
    Aug 2009
    Posts
    17
    My doubt came out when I got the result from SELECT * FROM SYS.DBA_TAB_PRIVS; then I was able to see that that PUBLIC has granted access for all the ALL_* tables for example, SESSION ROLES, TABLE_PRIVILEGE_MAP and many others.
    Last edited by bkiddo; 08-22-09 at 03:29.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •