Eexecute privilege to 'public' on tables owned by 'sys' in Orac le

From: INA (V. Brahmanandam) (BrahmanandamVat_private)
Date: Sun Jul 29 2001 - 21:02:40 PDT

Next message: Mads Rasmussen: "Rational Requisite Web shows location of projects in html"

Previous message: Hossein S. Zadeh: "Re: For Indian Knowledge Seekers"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

				Hi all,

				In  my current assignment of Oracle security
review,  I have noticed that the following tables owned by 'SYS' had
'execute' privilege granted to 'PUBLIC' . This privilege has been granted to
the 'public' by default, when Oracle is installed, as I understand. I would
like to know, if a general user in the database can make an undue use of
this privilege. I would appreciate any one in  this list, who had a chance
to review this earlier, offer me  some info on this. 

				Thanks and Regards.

				Brahma

				 <<EXECUTE PERMISSION FOR PUBLIC.txt>>

text/plain attachment: EXECUTE_PERMISSION_FOR_PUBLIC.txt

---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/

Next message: Mads Rasmussen: "Rational Requisite Web shows location of projects in html"
Previous message: Hossein S. Zadeh: "Re: For Indian Knowledge Seekers"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Mon Jul 30 2001 - 11:07:27 PDT