QUESTION 7
You need to configure fine-grained access control to external network resources from within your
database. You create an access control list (ACL) using the DBMS_NETWORK_ACL_ADMIN package.
Which statement is true regarding the ACL created?
A. It is a list of remote database links stored in the XML file that are available to the users of the database.
B. It is a list of users and network privileges stored in the XML file according to which a group of users can
connect to one or more hosts.
C. It is a list of users and network privileges stored in the data dictionary according to which a group of
users can connect to one or more hosts.
D. It is the list of the host names or the IP addresses stored in the data dictionary that can connect to your
database through PL/SQL network utility packages such as UTL_TCP.
Correct Answer: B
在您的
数据库需要配置细粒度的访问控制,你创建一个访问控制列表(ACL)使用dbms_network_acl_admin包。
哪一句是正确的关于ACL?
B.它是一组用户和一组用户可以在XML文件中存储的网络特权
连接到一个或多个主机。
简单点说:Oracle允许使用几个PL/SQL API(UTL_TCP, UTL_SMTP, UTL_MAIL, UTL_HTTP和 UTL_INADDR)访问外部网络服务。需要进行权限授权才可以,比如需要通过oracle发送邮件。
下面是几个常用的定义acl的相关方法:
- 创建访问控制列表
DBMS_NETWORK_ACL_ADMIN.CREATE_ACL(acl => ‘www.xml’,
description => ‘WWW ACL’,
principal => ‘HR’, – 赋予权限给哪个用户
is_grant => true, – true表示授予权限 false表示取消权限
privilege => ‘connect’);