The HR user creates a stand-alone procedure as follows and grants the EXECUTE privilege on the proce

最新推荐文章于 2022-03-17 15:13:58 发布
最新推荐文章于 2022-03-17 15:13:58 发布
阅读量1.4k 收藏
点赞数
分类专栏: OCP 052
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
本文链接:https://blog.csdn.net/EVISWANG/article/details/50555621
版权
The HR user creates a stand-alone procedure as follows and grants the EXECUTE privilege on the procedure to many database users: CREATE OR REPLACE PROCEDURE create_dept( v_deptno NUMBER, v_dname VARCHAR2, v_mgrNUMBER, v_loc NUMBER) as BEGIN INSERT INTO hr.departments VALUES (v_deptno, v_dname, v_mgr, v_loc); END; The users having permission to execute the procedure are able to insert records into the DEPARTMENTStable even though they do not have the INSERT privilege on the table. You want only those users whohave privileges on the DEPARTMENTS table to be able to execute the procedure successfully. What would you suggest to the PL/SQL developers to achieve this?
A. Create the procedure with definer's right.
B. Create the procedure with invoker's right.
C. Grant the EXECUTE privilege with GRANT OPTION on the procedure to selected users.

D. Create the procedure as part of a PL/SQL package and grant the EXECUTE privilege on the packageto selected users.


存储过程的definer和invoker权限

【题意简述】HR用户创建了存储过程,内容是往部门表中插入数据,把存储过程的执行权限授予了一些用户,不管用户是否有部门表的insert对象权限,拥有存储过程执行权限的用户可以往部门表中插入数据,现在希望只有部门表的insert对象权限的用户可以成功执行存储过程,应该如何创建存储过程?

【原理概念】 在Oracle8i以前,所有已编译存储对象(包括packages, procedures, functions, triggers, and views)只能以定义者(Definer)身份解析运行;从Oracle8i开始,Oracle引入调用者(invoker)权限,使得对象可以以调用者身份和权限执行. 定义者(Definer):指编译存储对象的所有者.以这个存储对象拥有者的特权来执行它,也就是说,任何具有这个PL/SQL程序单元执行权限的用户都可以访问程序中的对象.所有具有执行权的用户都有相同的访问权限.ORACLE默认为定义者权限. 调用者(Invoker):指拥有当前会话权限的模式,调用者权限是指当前用户(而不是程序的创建者)执行PL/SQL程序体的权限.这意味着不同的用户对于某个对象具有的权限很可能是不同的,这个思想的提出,解决了不同用户更新不同表的方法. 在调用者(definer)权限下,执行的用户操作的schema为当前用户,所操作的对象是当前模式下的对象.在调用者(invoker)权限下,当前用户的权限为当前拥有的权限(含角色).

定义存储过程时,通过指定AUTHID 属性,定义DR Procedure 和IR Procedure DR Procedure: CREATE OR REPLACE procedure DEMO(ID in NUMBER) AUTHID DEFINER as ... BEGIN ... END DEMO; IR Procedure: CREATE OR REPLACE procedure DEMO(ID in NUMBER) AUTHID CURRENT_USER as ... BEGIN ... END DEMO;

A: 错误,应创建调用者权限,而不是定义者权限. 

B: 正确. 

C: 错误,默认是以定义者权限创建存储过程,那么有execute权限就可以向部门表insert数据 不能实现需求,grant option权限是指可以把存储过程权限授权给其它人. 

D: 错误,存储过程可单独创建,不需要放到包里,这样也不能实现题里的需求.



EVISWANG
关注
专栏目录
【大模型】Lamini:用于快速定制模型的 LLM 引擎 | Introducing Lamini, the LLM Engine for Rapidly Customizing Models
程序员光剑
04-29 9181
今天,您可以试用我们的托管数据生成器来训练您自己的 LLM、权重和所有内容,而无需启动任何 GPU,只需使用 Lamini 库中的几行代码。请注意,虽然我们发现 OpenAI 模型的平均表现更好,但它们的许可限制了将生成的数据用于类似于 ChatGPT 的训练模型的商业用途。随着每天发布新的 LLM,我们将默认值更新为性能最佳的模型。Lamini 数据生成器是一个 LLM 流水线,它采用你最初的 100 多条指令的小集合,与预期的响应配对,生成 50k+ 新对,灵感来自 Stanford Alpaca。
Top 10 Use Cases for the Google Kubernetes Engine
最新发布
程序员光剑
09-17 1888
作者:禅与计算机程序设计艺术The Google Kubernetes Engine (GKE), offered by Google Cloud Platform, is a managed Kubernetes service that simplifies the deployment of containerized applications on Google infrastructure. The GKE offers various features and tools to help dev
183.The HR user creates a stand-alone procedure as follows and grants the EXECUTE privilege on the p
dwj19830118的专栏
08-16 1134
183.The HR user creates a stand-alone procedure as follows and grants the EXECUTE privilege on the procedure to many database users:
OCP-1Z0-052-V8.02-183题
一抹曦阳-Oracle
10-30 1万+
183. The HR user creates a stand-alone procedure as follows and grants the EXECUTE privilege on the procedure to many database users:  CREATE OR REPLACE PROCEDURE create_dept ( v_deptno NUMBER, v_dna
连接sde报Execute privilege for required Oracle builtin package DBMS_PIPE must be directly granted for。。
hzfu007的专栏
04-29 2157
Failed to connect to the specified server. Do you want to continue? Underlying DBMS error[ORA-24344: 成功, 但出现编译错误 Execute privilege for required Oracle builtin package DBMS_PIPE must be directly gran
MySQL的权限
WOOOLILI
04-05 1349
一.权限表 mysql数据库中的3个权限表:user 、db、 host 权限表的存取过程是: 1)先从user表中的host、 user、 password这3个字段中判断连接的IP、用户名、密码是否存在表中,存在则通过身份验证; 2)通过权限验证,进行权限分配时,按照useràdbàtables_privàcolumns_priv的顺序进行分配。即先检查全局权限表use
On the Role of Middleware in Architecture-Based Software Development——Translation Version
Mr.鹏
05-06 4368
On the Role of Middleware in Architecture-Based Software Development——Translation Version Mainly from the machine translation, a small part of the manual modification
开发记录--create table as select的问题、array类型字段
AnlaGodness的博客
01-19 2407
第一张图hive查的,表是create table as select 创建的,第二张图的表是同样的数据,只不过落到了结构表里。却在hive上查询,发现数据扩散。明明数据没扩散。 hue 的 impala 不能select 查出array类型的字段,报错 :Only scalar types are allowed in the select list. hive 可以查出 array类型,是由 collect_set 生成的 array< string>,并且array不能 cast转换..
DL之Transformer:《The Illustrated Transformer—图解Transformer》翻译与解读
热门推荐
近期请国内外头部出版社可尽快私信博主!——心比天高,仗剑走天涯,保持热爱,奔赴向梦想!低调,谦虚,自律,反思,成长,还算是比较正能量的博主,公益免费传播……内心特别想在AI界做出一些可以推进历史进程影响力的东西(兴趣使然,有点小情怀,也有点使命感呀)…
08-16 1万+
​ Paper:《The Illustrated Transformer—图解Transformer》翻译与解读 目录 Paper:《The Illustrated Transformer》翻译与解读 1、The Illustrated Transformer 2、A High-Level Look 3、Bringing The Tensors Into The Picture将张量引入图像 4、Now We’re Encoding! 5、The Deco
连接sde,报ora 24344,Execute privilege for required Oracle builtin package DBMS_PIPE
oysqtlmy的博客
03-17 394
转自:https://blog.csdn.net/hzfu007/article/details/24719889 场景: 没有装sde软件,直接把之前的sde用户数据导入到oracle11g中。 数据导完,后在catalog中连接sde时报: Failed to connect to the specified server. Do you want to continue? Underlying DBMS error[ORA-24344: 成功, 但出现编译错误 Execute privile
关于oracle存储过程Definer(定义者权限 )与Invoker(调用者权限)的实验
天哥--天行健君子以自强不息
03-26 1263
试验: --sys用户 drop user test1 ; drop user test2 ; create user test1 identified by test; grant connect to test1; grant create table to test1; create user test2 identified by test; grant connect to tes...
program is a serialization procedure
马如林的IT博客
05-13 696
 Today , I get it .program is a serialization procedure, Tulin support.Mark.
How to execute a method (procedure/function) by name
醒狮
10-25 839
Heres a simple trick to execute a Delphi objects method by name: ~~~~~~~~~~~~~~~~~~~~~~~~~type牋 TForm1 = class(TForm)牋牋 Button1: TButton;牋牋 procedure Button1Click(Sender: TObject) ;牋牋 procedure Ca
155.The user HR owns the EMP table. The user HR grants privileges to the user SCOTT by using this co
dwj19830118的专栏
08-07 1126
155.The user HR owns the EMP table. The user HR grants privileges to the user SCOTT by using this command: SQL> GRANT SELECT,INSERT,UPDATE ON emp TO scott WITH GRANT OPTION; The user SCOTT executes this command to grant privileges to the user JIM: SQL> GRA
50:Which two statements are true about alerts? (Choose two.) 选项 A.Clearing an alert sends the alert
EVISWANG的博客
01-21 2076
50:Which two statements are true about alerts? (Choose two.) 选项 A.Clearing an alert sends the alert to the alert history. B.Response actions cannot be specified with server-generated alerts. C.The
46: Which two statements are true about setting the FAST_START_MTTR_TARGET initialization parameter
EVISWANG的博客
01-13 1377
46: Which two statements are true about setting the FAST_START_MTTR_TARGET initialization parameter to a nonzero value? (Choose two.) 选项 A.The MTTR advisor will be disabled. B.Automatic checkpoint
Write a critique on the cliche praises of feminine beauty that you know of.
05-22
One of the most common cliche praises is the emphasis on a woman's physical attributes, such as her figure, complexion, and hair. While these features may be aesthetically pleasing, they do not define...
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值