049 - Chapter 5. Oracle Default Roles and User Accounts

049 - Chapter 5. Oracle Default Roles and User Accounts <p clas><script> </script></p>

Oracle Security
By William Heney, Marlene Theriault
Table of Contents
Part I:  Security in an oracle System

Chapter 5. Oracle Default Roles and User Accounts

Okay, get your pencil and paper out. It's time for a pop quiz!

Question 1. You've just created an Oracle database. How many user accounts exist on your system?

  1. 1

  2. 2

  3. 8

  4. It depends on the version

Question 2. With the same database as above, how many roles exist in the database?

  1. 1

  2. 3

  3. 6

  4. It depends on the version

If you answered number 4 "It depends on the version" for each of the questions, you are correct. Give yourself a gold star.

As we mentioned in Chapter 4, when you create an Oracle database, Oracle performs many tasks in conjunction with the creation. There are several scripts that are run. Some of these scripts create default roles and default users in your database.

Chapter 3, explains that using roles can help you lighten your workload by letting you assign many privileges to many users quickly by performing the following tasks:

  1. Create a role

  2. Grant to the new role the privileges you want the set of users to have

  3. Grant the role to each of the users

Oracle supplies several default ("canned") roles that you might use to quickly assign privileges to users. However, there are problems you need to be aware of when you use these Oracle-supplied default roles. In order to completely protect your database, you need to know what the default roles are and the advantages and disadvantages of using these roles.

Oracle also creates several default users within a database. Unfortunately, the usernames and passwords for these accounts are hardcoded into the scripts that reside in your operating system's Oracle directory structure. Many of the passwords are commonly known by most DBAs, and many are easy to guess.

For each new version of the RDBMS, default users and roles can change. Be sure to carefully examine the roles, users, and their assigned default privileges for your version.

In this chapter, we'll examine the default roles and users that exist in your newly-created database. We'll discuss the problems associated with these roles and users and look at why you might not want to take advantage of these constructs.


Oracle Security
Oracle Security Handbook : Implement a Sound Security Plan in Your Oracle Environment
ISBN: 0072133252
EAN: 2147483647
Year: 1998
Pages: 154

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net