Re: Privileges associated with Role

Tue, 09 Sep 2003 11:38:51 -0700 

Hi

I wrote  script some time back that you use to find all privileges
granted to a user or role, system, object and role. It does this
hierarchically so that it shows privs granted to roles granted to roles
etc. It is available from http://www.petefinnigan.com/tools.htm its the
first script there:

A sample output is:

get user input

NAME OF USER TO CHECK   [ORCL]: DBSNMP
OUTPUT METHOD           [S/F]: S
FILE NAME FOR OUTPUT   [priv.lst]: 
OUTPUT DIRECTORY          [/tmp]: 

old 162:        lv_file_or_screen:='&&output_method';
new 162:        lv_file_or_screen:='S';
old 164:                open_file('&&file_name','&&output_dir');
new 164:                open_file('priv.lst','/tmp');
old 166:        get_privs('&&user_to_find',lv_tabs);
new 166:        get_privs('DBSNMP',lv_tabs);
...USER => DBSNMP has ROLE CONNECT which contains =>
......SYS PRIV =>ALTER SESSION grantable => NO
......SYS PRIV =>CREATE CLUSTER grantable => NO
......SYS PRIV =>CREATE DATABASE LINK grantable => NO
......SYS PRIV =>CREATE SEQUENCE grantable => NO
......SYS PRIV =>CREATE SESSION grantable => NO
......SYS PRIV =>CREATE SYNONYM grantable => NO
......SYS PRIV =>CREATE TABLE grantable => NO
......SYS PRIV =>CREATE VIEW grantable => NO
...SYS PRIV =>CREATE USER grantable => NO
...SYS PRIV =>SELECT ANY DICTIONARY grantable => NO

PL/SQL procedure successfully completed.

SQL> 

Hope this helps

kind regards

Pete
-- 
Pete Finnigan
email:[EMAIL PROTECTED]
Web site: http://www.petefinnigan.com - Oracle security audit specialists
Book:Oracle security step-by-step Guide - see http://store.sans.org for details.

-- 
Please see the official ORACLE-L FAQ: http://www.orafaq.net
-- 
Author: Pete Finnigan
  INET: [EMAIL PROTECTED]

Fat City Network Services    -- 858-538-5051 http://www.fatcity.com
San Diego, California        -- Mailing list and web hosting services
---------------------------------------------------------------------
To REMOVE yourself from this mailing list, send an E-Mail message
to: [EMAIL PROTECTED] (note EXACT spelling of 'ListGuru') and in
the message BODY, include a line containing: UNSUB ORACLE-L
(or the name of mailing list you want to be removed from).  You may
also send the HELP command for other information (like subscribing).

Reply via email to