권한설정관련 (10.04.03 )

예전 카페에서 폐지 공지가 와서 자료를 옮겨 놓습니다.

 

1.Use Select any Dictionary , Select_catalog_role, 07_dictionary_accessibility 
- select any dictionary new 9i system privileage 
- select_catalog_role role 
- 07_dictionary_accessibility init.ora parameter 
CASE1) 
======================================== 
07_DICTIONARY_ACCESSIBILITY= false 
SELECT ANY TABLE system privilege granted 
SELECT ANY DICTIONARY system privilege not granted 
======================================== 
- 9i data dictionary protection is enabled by default by the init.ora parameter O7_DICTIONARY_ACCESSIBILITY set to false. 
- SELECT ANY TABLE system privilege provides access to non-SYS schema objects only. 
SQL> grant connect, SELECT ANY TABLE to developer; 
SQL> select * from dba_users; 
--> 조회 불가 
SQL> select empno from scott.emp; 
--> 다른 user table 조회 가능. 

CASE2) 
======================================== 
07_DICTIONARY_ACCESSIBILITY= false 
SELECT ANY TABLE system privilege not granted 
SELECT ANY DICTIONARY system privilege granted 
======================================== 
SQL> grant select any dictionary to developer; 
--> sys 유저가 grant 
SQL> revoke select any table from developer; 
SQL> select * from dba_users; --> 조회가능 
SQL> select * from scott.emp; --> 조회 불가 

CASE3) 
======================================== 
07_DICTIONARY_ACCESSIBILITY= false 
SELECT ANY TABLE system privilege granted 
SELECT ANY DICTIONARY system privilege granted 
======================================== 
SQL> grant select any dictionary to developer; 
--> sys 유저가 grant 
SQL> grant select any table from developer; 
SQL> select * from dba_users; --> 조회가능 
SQL> select * from scott.emp; --> 조회 가능 

CASE4) 
======================================== 
07_DICTIONARY_ACCESSIBILITY= true 
SELECT ANY TABLE system privilege granted 
======================================== 
- SELECT ANY TABLE provides access to all SYS and non-SYS objects. The privilege is no more so restrictive. 

CASE5) 
======================================== 
07_DICTIONARY_ACCESSIBILITY= false 
SELECT ANY TABLE system privilege not granted 
SELECT ANY DICTIONARY system privilege not granted 
SELECT ANY CATALOG_ROLE role_granted 
======================================== 
SQL> select * from dba_users ; --> 조회가능 
SQL> select * from sys.obj$; --> 조회 불가  

[출처] [grant] select anay dictionary 권한 정보.|작성자 SMCF