Link to home
Create AccountLog in
Avatar of missymadi
missymadi

asked on

How do you grant execute on Oracle packages?

Experts,

         I have a script I am trying to run for Oracle. I need to Revoke execute on UTL_TCP from Public
but Grant execute on UTL_TCP. I am getting an erro that the table or view does not exist. How do I identify the UTL_TCP package for Revoke and Grant?
Avatar of Sean Stuber
Sean Stuber

You'll need to be logged in as SYS to do these grants.


revoke execute on sys.utl_tcp from public;

grant execute on sys.utl_tcp to xxxxxxx;
Avatar of missymadi

ASKER

The script is signed on as SYSTEM which has full control. Will the SYSTEM account work?
Does the DBMS_LOB and DBMS_SQL accounts also need the SYSTEM account?
no, SYSTEM doesn't have the rights to grant execute on SYS owned objects.

SYS objects are special.

I don't know what you mean  by your second question.
DBMS_LOB and DBMS_SQL aren't accounts, they are packages.  
I am writing a script to mitigate our information assurance issues. One of the issues is to revoke the Public account on the following packages:

Revoke execute on UTL_FILE from Public;
Revoke execute on UTL_TCP from Public;
Revoke execute on UTL_HTTP from Public;
Revoke execute on UTL_SMTP from Public;
Revoke execute on DBMS_LOB from Public;
Revoke execute on DBMS_SQL from Public;
Revoke execute on DBMS_OBFUSCATION_TOOLKIT to System;

This is where I received the error, the table or view does not exist. I have the environment set to the specific SID and logged in as SYSTEM. From your comments, it sounds like I need to be logged in as SYS to Grant\deny activity on these packages and identify the packages as sys.utl_file, sys.utl_tcp.... Is that correct?
ASKER CERTIFIED SOLUTION
Avatar of Sean Stuber
Sean Stuber

Link to home
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
See answer