全部博文(45)
分类: Oracle
2010-12-20 11:18:04
1.Object privileges
作用范围:tables, views, sequences, procedures,and packages
alter, debug, references, execute
举例: GRANT SELECT,INSERT,UPDATE,DELETE ON customers TO sales_manager [WITH GRANT OPTION];
选项: WITH GRANT OPTION 是 user/PUBLIC 的选项,不是 role,而且属于revoke cascade ;
database,debugging,Indexes,job scheduler,procedure,profiles,roles,sequences,session,synonyms,tables.tablespaces,users,views,
analyze any,sysdba,sysoper
数据字典:SYSTEM_PRIVILEGE_MAP
3.Role privileges
作用范围:用户归属某一个角色之后,继承该角色权限,角色如果设置密码保护,那么用户不一定在每次session中都可以使用role的权限。
假如grant过程如下:Mary grants to Zachary.Zachary grants to Rex. Mary -> Zachary -> Rex ,Zachary 被 dropped 之后,Rex 保留权限.
用法:
创建:CREATE ROLE appl_dba;
激活:SET ROLE appl_dba [IDENTIFIED BY seekwrit];
SET ROLE ALL EXCEPT hr_admin;
ALTER USER scott DEFAULT ROLE ALL EXCEPT plustrace;
GRANT oem_monitor TO charlie [with admin option];
选项:with admin option,all,except
数据字典:user_role_privs
chinaunix网友2010-12-22 14:22:15
很好的, 收藏了 推荐一个博客,提供很多免费软件编程电子书下载: http://free-ebooks.appspot.com