Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

security related tables/views in oracle RDBMS

Posted on 2013-06-03
4
Medium Priority
?
511 Views
Last Modified: 2013-06-18
I am trying to document some useful security related tables in Oracle RDBMS that would be of interest to auditors to create an account with read only access permissions to query those. Can you detail which are the main security related tables/views in oracle (so perhaps those with account information, permission information, physical file information (i.e. where is the database), etc.
0
Comment
Question by:pma111
  • 2
  • 2
4 Comments
 
LVL 35

Accepted Solution

by:
johnsone earned 2000 total points
ID: 39216295
Typically, auditors that I have run into need the information from these views:

DBA_USERS
DBA_TAB_PRIVS
DBA_SYS_PRIVS
DBA_ROLE_PRIVS


If you are looking for where files are located, that would be:

DBA_DATA_FILES
DBA_TEMP_FILES
0
 
LVL 3

Author Comment

by:pma111
ID: 39216323
Are the password hashes in dba_users ?
0
 
LVL 3

Author Comment

by:pma111
ID: 39216326
Which table stores details about password management policies? And how can you marry up which accounts are subject to which password policies?
0
 
LVL 35

Expert Comment

by:johnsone
ID: 39216459
Yes, the hashed passwords are in DBA_USERS.

The password policy is a function of the profile that the user is assigned to.  You should see that in DBA_USERS as well.  Then you need DBA_PROFILES to be able to see what the settings are.  If you have a password verification function, you are going to have to pull the code for that yourself from DBA_SOURCE, the name of the function should be in the profile.
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Among the most obnoxious of Exchange errors is error 1216 – Attached Database Mismatch error of the Jet Database Engine. When faced with this error, users may have to suffer from mailbox inaccessibility and in worst situations, permanent data loss.
Blockchain technology enhances society similar to the Internet. Its effects are broad, disruptive, and will boost global productivity.
This videos aims to give the viewer a basic demonstration of how a user can query current session information by using the SYS_CONTEXT function
In this video, Percona Director of Solution Engineering Jon Tobin discusses the function and features of Percona Server for MongoDB. How Percona can help Percona can help you determine if Percona Server for MongoDB is the right solution for …
Suggested Courses

578 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question