missymadi
asked on
How do you grant execute on Oracle packages?
Experts,
I have a script I am trying to run for Oracle. I need to Revoke execute on UTL_TCP from Public
but Grant execute on UTL_TCP. I am getting an erro that the table or view does not exist. How do I identify the UTL_TCP package for Revoke and Grant?
I have a script I am trying to run for Oracle. I need to Revoke execute on UTL_TCP from Public
but Grant execute on UTL_TCP. I am getting an erro that the table or view does not exist. How do I identify the UTL_TCP package for Revoke and Grant?
ASKER
The script is signed on as SYSTEM which has full control. Will the SYSTEM account work?
Does the DBMS_LOB and DBMS_SQL accounts also need the SYSTEM account?
Does the DBMS_LOB and DBMS_SQL accounts also need the SYSTEM account?
no, SYSTEM doesn't have the rights to grant execute on SYS owned objects.
SYS objects are special.
I don't know what you mean by your second question.
DBMS_LOB and DBMS_SQL aren't accounts, they are packages.
SYS objects are special.
I don't know what you mean by your second question.
DBMS_LOB and DBMS_SQL aren't accounts, they are packages.
ASKER
I am writing a script to mitigate our information assurance issues. One of the issues is to revoke the Public account on the following packages:
Revoke execute on UTL_FILE from Public;
Revoke execute on UTL_TCP from Public;
Revoke execute on UTL_HTTP from Public;
Revoke execute on UTL_SMTP from Public;
Revoke execute on DBMS_LOB from Public;
Revoke execute on DBMS_SQL from Public;
Revoke execute on DBMS_OBFUSCATION_TOOLKIT to System;
This is where I received the error, the table or view does not exist. I have the environment set to the specific SID and logged in as SYSTEM. From your comments, it sounds like I need to be logged in as SYS to Grant\deny activity on these packages and identify the packages as sys.utl_file, sys.utl_tcp.... Is that correct?
Revoke execute on UTL_FILE from Public;
Revoke execute on UTL_TCP from Public;
Revoke execute on UTL_HTTP from Public;
Revoke execute on UTL_SMTP from Public;
Revoke execute on DBMS_LOB from Public;
Revoke execute on DBMS_SQL from Public;
Revoke execute on DBMS_OBFUSCATION_TOOLKIT to System;
This is where I received the error, the table or view does not exist. I have the environment set to the specific SID and logged in as SYSTEM. From your comments, it sounds like I need to be logged in as SYS to Grant\deny activity on these packages and identify the packages as sys.utl_file, sys.utl_tcp.... Is that correct?
ASKER CERTIFIED SOLUTION
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
revoke execute on sys.utl_tcp from public;
grant execute on sys.utl_tcp to xxxxxxx;