oracle 列出具有 root(管理)权限的用户
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/5356992/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
list user who have root (administrative) privilege
提问by CrazyC
I want to know the list of all users who have root (administrative) privilege in Oracle. I would like it in a script or C++ application. Script is preferred.
我想知道在 Oracle 中拥有 root(管理)权限的所有用户的列表。我想在脚本或 C++ 应用程序中使用它。脚本优先。
采纳答案by dseibert
Here is howyou find privileges of your users:
这里是怎么找到你的用户的权限:
select
lpad(' ', 2*level) || granted_role "User, his roles and privileges"
from
(
/* THE USERS */
select
null grantee,
username granted_role
from
dba_users
/* THE ROLES TO ROLES RELATIONS */
union
select
grantee,
granted_role
from
dba_role_privs
/* THE ROLES TO PRIVILEGE RELATIONS */
union
select
grantee,
privilege
from
dba_sys_privs
)
start with grantee is null
connect by grantee = prior granted_role;
This will show you which users have inflated privileges. You can execute this in a shell script by typing
这将显示哪些用户具有夸大的权限。您可以通过键入在 shell 脚本中执行此操作
sqlplus / as sysdba --(if you are root on the box)
spool user_privileges.txt
@whos_a_root.sql --(if that's what you call your script)
spool off
exit;
回答by DCookie
Exactly what do you mean by "root" or "adminstrative" privileges in Oracle? Do you want the users granted SYSDBA? Or, in the older Oracle releases, there was the DBA role, which had an extensive set of privileges that gave the user the ability to do most anything. It has a reduced set of capabilities in 11g. The answer given by @client09 is valuable for identifying exactly what each user can do.
Oracle 中的“root”或“管理”权限究竟是什么意思?您是否希望授予用户 SYSDBA 权限?或者,在较早的 Oracle 版本中,有 DBA 角色,该角色具有一组广泛的特权,使用户能够执行大多数操作。它在 11g 中具有一组简化的功能。@client09 给出的答案对于准确识别每个用户可以做什么很有价值。
To me, the root user in Oracle is the SYSDBA account, by default the SYS user. Anyone granted this privilege can log in "AS SYSDBA", which gives that user complete control of the database. You can list the users granted this privilege via this select:
对我来说,Oracle 中的 root 用户是 SYSDBA 帐户,默认情况下是 SYS 用户。任何被授予此权限的人都可以登录“AS SYSDBA”,这使该用户可以完全控制数据库。您可以通过此选择列出授予此权限的用户:
SELECT * FROM v$pwfile_users;
Interestingly enough, if I'm granted the SYSDBA role, and I log in as sysdba, the actual user in the Oracle session is SYS:
有趣的是,如果我被授予 SYSDBA 角色,并且我以 sysdba 身份登录,那么 Oracle 会话中的实际用户是 SYS:
SQL> create user test identified by test;
User created.
SQL> grant create session to test;
Grant succeeded.
SQL> grant sysdba to test;
Grant succeeded.
SQL> connect test/test as sysdba
Connected.
SQL> select user from dual;
USER
------------------------------
SYS
SQL> select * from v$pwfile_users;
USERNAME SYSDB SYSOP SYSAS
------------------------------ ----- ----- -----
SYS TRUE TRUE FALSE
TEST TRUE FALSE FALSE
