open database exclusive

Printable View

07-21-2003, 02:50 PM
marcio.68

open database exclusive

I used the following commands:

>Shutdown immediate
>startup mount
>recover with time '...'
>open database exclusive

I used "exclusive" so that only I could verify the information, to certify me of that ok.
Was everything however other users had also obtained to connect themselves, despite the exclusive way why?
07-21-2003, 10:29 PM
tombest

Just to make sure I'm answering your question, I think you asked this:

"I started the database in restricted mode, which I thought would keep others from logging in, but others were indeed able to log in. Why?"

They are probably using a userid that has "restricted session" system privilege. Check into that. The DBA role has that priv, for one. That's usually the culprit.
07-22-2003, 07:20 AM
marcio.68

it forgives, my English is very poor. I translating use (www.altavista.com) to pass of the Portuguese for English but is accurately this that wanted to say verified and only the DBAs none possesss DBA. Grant another one possesss permissions of restricted access.

It follows in annex the list of permissions of this base.

SQL> select granted_role, count(*) from dba_role_privs group by granted_role;

GRANTED_ROLE COUNT(*)
------------------------------ ----------
AQ_ADMINISTRATOR_ROLE 2
AQ_USER_ROLE 1
CONNECT 68
DBA 6
DELETE_CATALOG_ROLE 2
EXECUTE_CATALOG_ROLE 4
EXP_FULL_DATABASE 3
HS_ADMIN_ROLE 3
IMP_FULL_DATABASE 2
JAVADEBUGPRIV 1
JAVAIDPRIV 1
JAVASYSPRIV 1
JAVAUSERPRIV 3
JAVA_ADMIN 2
JAVA_DEPLOY 2
METRO_SELECT_TOTAL 19
OEM_MONITOR 1
RECOVERY_CATALOG_OWNER 1
RESOURCE 8
ROLEFOLHASOFT 54
ROLERELATORIO 54
SELECT_CATALOG_ROLE 7
SNMPAGENT 2
07-22-2003, 07:41 AM
TomazZ

This will list you all users and roles that have restricted session privilege

Code:

select s.grantee, r.grantee grantee_through_role from dba_sys_privs s, dba_role_privs r where s.privilege='RESTRICTED SESSION' and r.granted_role (+) = s.grantee
07-22-2003, 07:50 AM
marcio.68

SQL> select s.grantee, r.grantee grantee_through_role
2 from dba_sys_privs s,
3 dba_role_privs r
4 where s.privilege='RESTRICTED SESSION'
5 and r.granted_role (+) = s.grantee;

GRANTEE GRANTEE_THROUGH_ROLE
------------------------------ ------------------------------
DBA COPYMGR
DBA COPYMGR_TMP
DBA MARCIO
DBA ORACLE
DBA SYS
DBA SYSTEM
AURORA$ORB$UNAUTHENTICATED

This last user I do not know.
07-22-2003, 08:30 AM
TomazZ

It is used by Oracle Java Virtual Machine.
07-22-2003, 08:39 AM
marcio.68

through this user he is possible that another one obtains to logar itself in the Oracle, being it in restricted way?
07-22-2003, 08:46 AM
TomazZ

I don't think so.
07-22-2003, 10:42 AM
marcio.68

Which the difference between opening the bank in restrict and exclusive way?
:confused: