Добавил:
Опубликованный материал нарушает ваши авторские права? Сообщите нам.
Вуз: Предмет: Файл:
Скачиваний:
31
Добавлен:
16.04.2013
Размер:
2.15 Mб
Скачать

Creating and Controlling Roles

Example A–1 Setting Restrictions in the PUP Table

This is an example of how to insert a row into the PUP table to restrict the user HR from using the SELECT statement:

1.Log in with AS SYSDBA privileges.

2.Insert a row into the PUP table with the command:

INSERT INTO PRODUCT_USER_PROFILE

VALUES (’SQL*PLUS’, ’HR’, ’SELECT’, NULL, NULL, ’DISABLED’, NULL, NULL);

3.Connect as HR/HR and try to SELECT something:

CONNECT HR/HR;

SELECT * FROM EMP_DETAILS_VIEW;

This command causes the following error message:

SP2-0544: INVALID COMMAND: SELECT

4.To delete this row and remove the restriction from the user HR, CONNECT again with AS SYSDBA privileges and enter:

DELETE FROM PRODUCT_USER_PROFILE WHERE USERID = ’HR’;

Creating and Controlling Roles

You can use SQL commands to create and control access to roles to provide security for your database tables.

By creating a role and then controlling who has access to it, you can ensure that only certain users have access to particular database privileges.

Roles are created and used with the SQL CREATE, GRANT, and SET commands:

To create a role, you use the CREATE command. You can create roles with or without passwords.

To grant access to roles, you use the GRANT command. In this way, you can control who has access to the privileges associated with the role.

To access roles, you use the SET ROLE command. If you created the role with a password, the user must know the password in order to access the role.

For more information about roles, see your Oracle9i SQL Reference, your Oracle9i Administrator’s Guide, and your Oracle9i Concepts manual.

B-6 iSQL*Plus User’s Guide and Reference

Creating and Controlling Roles

Disabling SET ROLE

From SQL*Plus, users can submit any SQL command. In certain situations, this can cause security problems. Unless you take proper precautions, a user could use SET ROLE to access privileges obtained via an application role. With these privileges, they might issue SQL statements from SQL*Plus that could wrongly change database tables.

To prevent application users from accessing application roles in SQL*Plus, you can use the PUP table to disable the SET ROLE command. You also need to disable the BEGIN and SQL*Plus EXECUTE commands to prevent application users setting application roles through a PL/SQL block. This allows a SQL*Plus user only those privileges associated with the roles enabled when they started SQL*Plus. For more information about the creation and usage of user roles, see your Oracle9i SQL Reference and Oracle9i Administrator’s Guide.

Disabling User Roles

To disable a role for a given user, insert a row in the PUP table containing the user’s username in the Userid column, “ROLES” in the Attribute column, and the role name in the Char_Value column.

Note: When you enter "PUBLIC" or "%" for the Userid column, you disable the role for all users. You should only use "%" or "PUBLIC" for roles which are granted to "PUBLIC". If you try to disable a role that has not been granted to a user, none of the roles for that user are disabled.

The Scope, Numeric_Value, and Date_Value columns should contain NULL. For example:

PRODUCT

USERID

ATTRIBUTE

SCOPE

NUMERIC

CHAR

DATE

 

 

 

 

VALUE

VALUE

VALUE

-------

------

---------

-----

--------

------

-----

SQL*Plus

HR

ROLES

 

 

ROLE1

 

SQL*Plus

PUBLIC

ROLES

 

 

ROLE2

 

During login, these table rows are translated into the command

SET ROLE ALL EXCEPT ROLE1, ROLE2

Security B-7

Creating and Controlling Roles

To ensure that the user does not use the SET ROLE command to change their roles after login, you can disable the SET ROLE command. See "Disabling SET ROLE" earlier in this appendix.

To re-enable roles, delete the row containing the restriction.

B-8 iSQL*Plus User’s Guide and Reference

C

Unsupported SQL*Plus Commands

This appendix lists SQL*Plus commands not supported in this release of iSQL*Plus. Attempting to use any of the following unsupported commands or command options raises an SP2-0850 error message.

The ACCEPT, CLEAR SCREEN, PASSWORD and PAUSE commands, and the following SET command options have no context in iSQL*Plus and have not been implemented.

COLSEP

SQLPREFIX

EDITFILE

SQLPROMPT

FLUSH

SUFFIX

NEWPAGE

TAB

PAUSE

TERMOUT

SHIFTINOUT

TIME

SQLBLANKLINES

TRIMOUT

SQLCONTINUE

TRIMSPOOL

SQLNUMBER

 

The following commands have security issues on the middle tier and have not been implemented.

EXIT/QUIT

SAVE

WHENEVER OSERROR EXIT

GET

SPOOL

WHENEVER SQLERROR EXIT

HOST

STORE

 

The following commands are SQL buffer editing commands which are not relevant in iSQL*Plus and have not been implemented.

[0-9]+

CHANGE

EDIT

APPEND

DEL

INPUT

Unsupported SQL*Plus Commands C-1

C-2 iSQL*Plus User’s Guide and Reference

Соседние файлы в папке Oracle 9.0.1