-
open database exclusive
I used the following commands:
>Shutdown immediate
>startup mount
>recover with time '...'
>open database exclusive
I used "exclusive" so that only I could verify the information, to certify me of that ok.
Was everything however other users had also obtained to connect themselves, despite the exclusive way why?
Márcio de Souza Almeida
DBA Oracle / SQLServer / PostgreSQL
Rua Cupa, 139 Apto 85 A
Penha - São Paulo - SP
03640-000 - Brasil
http://www.directory.com.br
-
Just to make sure I'm answering your question, I think you asked this:
"I started the database in restricted mode, which I thought would keep others from logging in, but others were indeed able to log in. Why?"
They are probably using a userid that has "restricted session" system privilege. Check into that. The DBA role has that priv, for one. That's usually the culprit.
Tom Best
-
it forgives, my English is very poor. I translating use (www.altavista.com) to pass of the Portuguese for English but is accurately this that wanted to say verified and only the DBAs none possesss DBA. Grant another one possesss permissions of restricted access.
It follows in annex the list of permissions of this base.
SQL> select granted_role, count(*) from dba_role_privs group by granted_role;
GRANTED_ROLE COUNT(*)
------------------------------ ----------
AQ_ADMINISTRATOR_ROLE 2
AQ_USER_ROLE 1
CONNECT 68
DBA 6
DELETE_CATALOG_ROLE 2
EXECUTE_CATALOG_ROLE 4
EXP_FULL_DATABASE 3
HS_ADMIN_ROLE 3
IMP_FULL_DATABASE 2
JAVADEBUGPRIV 1
JAVAIDPRIV 1
JAVASYSPRIV 1
JAVAUSERPRIV 3
JAVA_ADMIN 2
JAVA_DEPLOY 2
METRO_SELECT_TOTAL 19
OEM_MONITOR 1
RECOVERY_CATALOG_OWNER 1
RESOURCE 8
ROLEFOLHASOFT 54
ROLERELATORIO 54
SELECT_CATALOG_ROLE 7
SNMPAGENT 2
Márcio de Souza Almeida
DBA Oracle / SQLServer / PostgreSQL
Rua Cupa, 139 Apto 85 A
Penha - São Paulo - SP
03640-000 - Brasil
http://www.directory.com.br
-
This will list you all users and roles that have restricted session privilege
Code:
select s.grantee, r.grantee grantee_through_role
from dba_sys_privs s,
dba_role_privs r
where s.privilege='RESTRICTED SESSION'
and r.granted_role (+) = s.grantee
Tomaž
"A common mistake that people make when trying to design something completely
foolproof is to underestimate the ingenuity of complete fools" - Douglas Adams
-
SQL> select s.grantee, r.grantee grantee_through_role
2 from dba_sys_privs s,
3 dba_role_privs r
4 where s.privilege='RESTRICTED SESSION'
5 and r.granted_role (+) = s.grantee;
GRANTEE GRANTEE_THROUGH_ROLE
------------------------------ ------------------------------
DBA COPYMGR
DBA COPYMGR_TMP
DBA MARCIO
DBA ORACLE
DBA SYS
DBA SYSTEM
AURORA$ORB$UNAUTHENTICATED
This last user I do not know.
Márcio de Souza Almeida
DBA Oracle / SQLServer / PostgreSQL
Rua Cupa, 139 Apto 85 A
Penha - São Paulo - SP
03640-000 - Brasil
http://www.directory.com.br
-
It is used by Oracle Java Virtual Machine.
Tomaž
"A common mistake that people make when trying to design something completely
foolproof is to underestimate the ingenuity of complete fools" - Douglas Adams
-
through this user he is possible that another one obtains to logar itself in the Oracle, being it in restricted way?
Márcio de Souza Almeida
DBA Oracle / SQLServer / PostgreSQL
Rua Cupa, 139 Apto 85 A
Penha - São Paulo - SP
03640-000 - Brasil
http://www.directory.com.br
-
Tomaž
"A common mistake that people make when trying to design something completely
foolproof is to underestimate the ingenuity of complete fools" - Douglas Adams
-
Which the difference between opening the bank in restrict and exclusive way?
Last edited by marcio.68; 07-22-2003 at 02:52 PM.
Márcio de Souza Almeida
DBA Oracle / SQLServer / PostgreSQL
Rua Cupa, 139 Apto 85 A
Penha - São Paulo - SP
03640-000 - Brasil
http://www.directory.com.br
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
Click Here to Expand Forum to Full Width
|