16 Security Views

This chapter provides a description of each security view and its columns.

For examples of how to use views, see Examples.

MGMT$ESA_ALL_PRIVS_REPORT

The MGMT$ESA_ALL_PRIVS_REPORT view displays a table containing users and roles that have the 'GRANT ANY PRIVILEGE' privilege in database security reports.

Table 16-1 MGMT$ESA_ALL_PRIVS_REPORT

Column Description

TARGET_GUID

The GUID of the target for which the report has the data

TARGET_NAME

The name of the target for which the report has the data

PRINCIPAL

The user or roles that have been granted this privilege (that is, GRANT ANY PRIVILEGE->DBA->SYS)

OBJECT_NAME

The name of the user that has been granted the privilege (GRANT ANY PRIVILEGE)

MGMT$ESA_ANY_DICT_REPORT

The MGMT$ESA_ANY_DICT_REPORT view displays a table and a chart containing users and roles with access to any dictionary in database security reports.

Table 16-2 MGMT$ESA_ANY_DICT_REPORT

Column Description

TARGET_GUID

The GUID of the target for which the report has the data

TARGET_NAME

The name of the target for which the report has the data

PRINCIPAL

The user or roles that have been granted this privilege. For example, SELECT ANY DICTIONARY->SCHEMA_OWNER_ROLE->SYS

OBJECT_NAME

The user that has been granted any of the ANY DICTIONARY privileges. For example, SELECT ANY DICTIONARY, ANALYZE ANY DICTIONARY, and so on.

MGMT$ESA_ANY_PRIV_REPORT

The MGMT$ESA_ANY_PRIV_REPORT view displays a table and a chart containing users with 'ANY' in some privilege granted to them in database security reports.

Table 16-3 MGMT$ESA_ANY_PRIV_REPORT

Column Description

TARGET_GUID

The GUID of the target for which the report has the data

TARGET_NAME

The name of the target for which the report has the data

PRINCIPAL

The user or role which has been granted a privilege having 'ANY'. For example, BACKUP ANY TABLE->EXP_FULL_DATABASE->DATAPUMP_EXP_FULL_DATABASE->SYS

OBJECT_NAME

The user that has been granted one of the ANY privileges. For example, ALTER ANY MATERIALIZED VIEW, ALTER ANY INDEX, BACKUP ANY TABLE, and so on.

MGMT$ESA_AUDIT_SYSTEM_REPORT

The MGMT$ESA_AUDIT_SYSTEM_REPORT view displays a table containing users and roles with the 'AUDIT SYSTEM' privilege in database security reports.

Table 16-4 MGMT$ESA_AUDIT_SYSTEM_REPORT

Column Description

TARGET_GUID

The GUID of the target for which the report has the data

TARGET_NAME

The name of the target for which the report has the data

PRINCIPAL

The user or role which has been granted the 'AUDIT SYSTEM' privilege. For example, AUDIT SYSTEM->SYS, AUDIT SYSTEM->IMP_FULL_DATABASE->DATAPUMP_IMP_FULL_DATABASE->DBA->SYSTEM, and so on.

OBJECT_NAME

The user that has been granted 'ALTER SYSTEM' privilege

MGMT$ESA_BECOME_USER_REPORT

The MGMT$ESA_BECOME_USER_REPORT view displays a table containing users and roles with the 'BECOME USER' privilege in database security reports.

Table 16-5 MGMT$ESA_BECOME_USER_REPORT

Column Description

TARGET_GUID

The GUID of the target for which the report has the data

TARGET_NAME

The name of the target for which the report has the data

PRINCIPAL

The user or role which has been granted the 'BECOME USER' privilege. For example, BECOME USER->SYS, BECOME USER->DBA->SYSTEM, BECOME USER->IMP_FULL_DATABASE->DATAPUMP_IMP_FULL_DATABASE->DBA->BAM, and so on.

OBJECT_NAME

The user that has been granted the 'BECOME USER' privilege

MGMT$ESA_CATALOG_REPORT

The MGMT$ESA_CATALOG_REPORT view displays a table and a chart containing all the users that have a role such as '%CATALOG%' in database security reports.

Table 16-6 MGMT$ESA_CATALOG_REPORT

Column Description

TARGET_GUID

The GUID of the target for which the report has the data

TARGET_NAME

The name of the target for which the report has the data

PRINCIPAL

The user or role which has been granted a role like '%CATALOG%'. For example, RECOVERY_CATALOG_OWNER->SYS, EXECUTE_CATALOG_ROLE->TBLO_ROLE->CRM, and so on.

OBJECT_NAME

User that has been granted one of the 'CATALOG' privileges. For example, SELECT_CATALOG_ROLE, EXECUTE_CATALOG_ROLE, DELETE_CATALOG_ROLE, and so on.

MGMT$ESA_CONN_PRIV_REPORT

The MGMT$ESA_CONN_PRIV_REPORT view displays a table and a chart containing users and roles with the CONNECT or RESOURCE role in database security reports.

Table 16-7 MGMT$ESA_CONN_PRIV_REPORT

Column Description

TARGET_GUID

The GUID of the target for which the report has the data

TARGET_NAME

The name of the target for which the report has the data

PRINCIPAL

The user or role which has been granted the CONNECT or RESOURCE role

OBJECT_NAME

The role if granted directly, or the role through which it has been granted

MGMT$ESA_CREATE_PRIV_REPORT

The MGMT$ESA_CREATE_PRIV_REPORT view displays a table and a chart containing users and roles with the CREATE privilege in database security reports.

Table 16-8 MGMT$ESA_CREATE_PRIV_REPORT

Column Description

TARGET_GUID

The GUID of the target for which the report has the data

TARGET_NAME

The name of the target for which the report has the data

PRINCIPAL

The user or role which has been granted the privilege to create an object in the database. For example, CREATE ANY CONTEXT->SYS, CREATE ANY INDEX->OLAP_DBA->OLAPSYS, and so on.

OBJECT_NAME

User that has been granted one of the 'CREATE' privileges

MGMT$ESA_DBA_GROUP_REPORT

The MGMT$ESA_DBA_GROUP_REPORT view displays a table containing members of the operating system user group DBA in database security reports.

Table 16-9 MGMT$ESA_DBA_GROUP_REPORT

Column Description

TARGET_GUID

The GUID of the target for which the report has the data

TARGET_NAME

The name of the target for which the report has the data

PRINCIPAL

The operating system user which is in the user group DBA.

OBJECT_NAME

DBA Group

MGMT$ESA_DBA_ROLE_REPORT

The MGMT$ESA_DBA_ROLE_REPORT view displays a table containing users and roles with the DBA role granted to them in database security reports.

Table 16-10 MGMT$ESA_DBA_ROLE_REPORT

Column Description

TARGET_GUID

The GUID of the target for which the report has the data

TARGET_NAME

The name of the target for which the report has the data

PRINCIPAL

The user or role which has been granted the DBA role

OBJECT_NAME

User that has been granted the DBA role

MGMT$ESA_DIRECT_PRIV_REPORT

The MGMT$ESA_DIRECT_PRIV_REPORT view displays a table and a chart containing privileges granted directly in database security reports.

Table 16-11 MGMT$ESA_DIRECT_PRIV_REPORT

Column Description

TARGET_GUID

The GUID of the target for which the report has the data

TARGET_NAME

The name of the target for which the report has the data

PRINCIPAL

The user that has been granted a privilege directly (that is, not through a role)

OBJECT_NAME

The privilege that has been granted directly. For example, ALTER SESSION, SELECT ANY DICTIONARY, and so on.

MGMT$ESA_EXMPT_ACCESS_REPORT

The MGMT$ESA_EXMPT_ACCESS_REPORT view displays a table containing users and roles with the EXEMPT ACCESS POLICY privilege in database security reports.

Table 16-12 MGMT$ESA_EXMPT_ACCESS_REPORT

Column Description

TARGET_GUID

The GUID of the target for which the report has the data

TARGET_NAME

The name of the target for which the report has the data

PRINCIPAL

The user or role which has been granted the 'EXEMPT ACCESS POLICY' privilege

OBJECT_NAME

The user that has been granted the 'EXEMPT ACCESS POLICY' privilege

MGMT$ESA_KEY_OBJECTS_REPORT

The MGMT$ESA_KEY_OBJECTS_REPORT view displays a table and a chart containing users and roles with access to key objects in database security reports.

Table 16-13 MGMT$ESA_KEY_OBJECTS_REPORT

Column Description

TARGET_GUID

The GUID of the target for which the report has the data

TARGET_NAME

The name of the target for which the report has the data

USER

The user which has access to key objects

OBJECT_NAME

The key object to which that user has access. For example, View DBA_USERS, Table SOURCE$, Table USER$

PRIVILEGE

The privilege on the key object that has been granted to the user. For example, SELECT, DELETE, and so on.

MGMT$ESA_OH_OWNERSHIP_REPORT

The MGMT$ESA_OH_OWNERSHIP_REPORT view displays a table containing file ownership by Oracle home in database security reports.

Table 16-14 MGMT$ESA_OH_OWNERSHIP_REPORT

Column Description

TARGET_GUID

The GUID of the target for which the report has the data

TARGET_NAME

The name of the target for which the report has the data

PRINCIPAL

The file whose owner is not the ORACLE HOME owner

OBJECT_NAME

The owner of the file

MGMT$ESA_OH_PERMISSION_REPORT

The MGMT$ESA_OH_PERMISSION_REPORT view displays a table containing file permissions by Oracle home in database security reports.

Table 16-15 MGMT$ESA_OH_PERMISSION_REPORT

Column Description

TARGET_GUID

The GUID of the target for which the report has the data

TARGET_NAME

The name of the target for which the report has the data

PRINCIPAL

The file that has an insecure permission

OBJECT_NAME

The permission of the file

MGMT$ESA_POWER_PRIV_REPORT

The MGMT$ESA_POWER_PRIV_REPORT view displays a table and a chart containing all the users and roles with ALTER SESSION, ALTER SYSTEM, CREATE PROCEDURE or CREATE LIBRARY privileges in database security reports.

Table 16-16 MGMT$ESA_POWER_PRIV_REPORT

Column Description

TARGET_GUID

The GUID of the target for which the report has the data

TARGET_NAME

The name of the target for which the report has the data

PRINCIPAL

The user that has powerful privileges

OBJECT_NAME

The powerful privilege held by the user

MGMT$ESA_PUB_PRIV_REPORT

The MGMT$ESA_PUB_PRIV_REPORT view displays a table and a chart containing privileges granted to PUBLIC in database security reports.

Table 16-17 MGMT$ESA_PUB_PRIV_REPORT

Column Description

TARGET_GUID

The GUID of the target for which the report has the data

TARGET_NAME

The name of the target for which the report has the data

PRINCIPAL

The object on which some privilege has been granted to PUBLIC

OBJECT_NAME

The privilege on the object which has been granted to PUBLIC. For example, SELECT, EXECUTE, and so on.

MGMT$ESA_SYS_PUB_PKG_REPORT

The MGMT$ESA_SYS_PUB_PKG_REPORT view displays a table containing system packages with public execute privileges in database security reports.

Table 16-18 MGMT$ESA_SYS_PUB_PKG_REPORT

Column Description

TARGET_GUID

The GUID of the target for which the report has the data

TARGET_NAME

The name of the target for which the report has the data

PRINCIPAL

PUBLIC

OBJECT_NAME

The package owned by SYS on which PUBLIC has execute privileges

MGMT$ESA_TABSP_OWNERS_REPORT

The MGMT$ESA_TABSP_OWNERS_REPORT view displays a table containing tablespaces and their owners in database security reports.

Table 16-19 MGMT$ESA_TABSP_OWNERS_REPORT

Column Description

TARGET_GUID

The GUID of the target for which the report has the data

TARGET_NAME

The name of the target for which the report has the data

PRINCIPAL

The tablespace

OBJECT_NAME

The owner of the tablespace

MGMT$ESA_TRC_AUD_PERM_REPORT

The MGMT$ESA_TRC_AUD_PERM_REPORT view displays a table containing trace and audit file permissions in database security reports.

Table 16-20 MGMT$ESA_TRC_AUD_PERM_REPORT

Column Description

TARGET_GUID

The GUID of the target for which the report has the data

TARGET_NAME

The name of the target for which the report has the data

PRINCIPAL

The file path

OBJECT_NAME

The purpose of the file. For example, audit file destination, background dump destination, core dump destination, user dump destination, and so on.

PERMISSION

Permission of the file

MGMT$ESA_WITH_ADMIN_REPORT

The MGMT$ESA_WITH_ADMIN_REPORT view displays a table and a chart containing users and roles having some privileges granted to them with the WITH ADMIN option in database security reports.

Table 16-21 MGMT$ESA_WITH_ADMIN_REPORT

Column Description

TARGET_GUID

The GUID of the target for which the report has the data

TARGET_NAME

The name of the target for which the report has the data

PRINCIPAL

The user or role which has been granted a privilege with the 'WITH ADMIN' option

OBJECT_NAME

The privilege which has been granted with the 'WITH ADMIN' option

MGMT$ESA_WITH_GRANT_REPORT

The MGMT$ESA_WITH_GRANT_REPORT view displays a table and a chart containing users and roles having some privileges granted to them with the 'WITH GRANT' option in database security reports.

Table 16-22 MGMT$ESA_WITH_GRANT_REPORT

Column Description

TARGET_GUID

The GUID of the target for which the report has the data

TARGET_NAME

The name of the target for which the report has the data

PRINCIPAL

The user or role which has been granted a privilege with the 'WITH GRANT' option

OBJECT_NAME

The privilege which has been granted with the 'WITH GRANT' option
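
The following query is an added example, not part of the original documentation. It combines three of the MGMT$ESA views above into one review list per target and splits the grant chain stored in PRINCIPAL into its final grantee and the number of roles in between. It assumes that PRINCIPAL always uses the 'privilege->role->...->grantee' form shown in the column descriptions, that the views are visible to the querying account in the Management Repository, and that the SYS/SYSTEM exclusion list is a site-specific choice.

```sql
-- Added example: consolidated review of high-impact privileges per target.
-- Assumption: PRINCIPAL holds the grant chain as in the column descriptions,
-- e.g. 'BECOME USER->DBA->SYSTEM' (privilege -> role(s) -> final grantee).
WITH findings AS (
  SELECT 'GRANT ANY PRIVILEGE' AS report, target_name, principal
    FROM mgmt$esa_all_privs_report
  UNION ALL
  SELECT 'BECOME USER', target_name, principal
    FROM mgmt$esa_become_user_report
  UNION ALL
  SELECT 'AUDIT SYSTEM', target_name, principal
    FROM mgmt$esa_audit_system_report
),
parsed AS (
  SELECT report,
         target_name,
         principal AS grant_chain,
         -- Text after the last '->' is the account that ends up holding the privilege.
         REGEXP_SUBSTR(principal, '[^>]+$') AS final_grantee,
         -- One arrow means a direct grant; every further arrow is one role in the path.
         REGEXP_COUNT(principal, '->') - 1 AS roles_in_path
    FROM findings
)
SELECT target_name,
       final_grantee,
       report,
       CASE WHEN roles_in_path <= 0 THEN 'DIRECT' ELSE 'VIA ROLE' END AS grant_type,
       roles_in_path,
       grant_chain
  FROM parsed
 -- Constructed exclusion list: accounts expected to hold these privileges.
 WHERE final_grantee NOT IN ('SYS', 'SYSTEM')
 ORDER BY target_name, final_grantee, report;
```

Rows with grant_type 'VIA ROLE' show which role to review or revoke from, because the full path is kept in grant_chain.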

MGMT$ESM_COLLECTION_LATEST

The MGMT$ESM_COLLECTION_LATEST view contains properties relating to security for database targets.

Table 16-23 MGMT$ESM_COLLECTION_LATEST

Column Description

TARGET_GUID

The GUID of the database target

PROPERTY

Name of the attribute

VALUE

Value of the attribute

VALUE2

Used to capture additional values of the attribute

MGMT$ESM_FILE_SYSTEM_LATEST

The MGMT$ESM_FILE_SYSTEM_LATEST view contains the file system type for the Windows host targets.

Table 16-24 MGMT$ESM_FILE_SYSTEM_LATEST

Column Description

TARGET_GUID

The GUID of the Windows host target

FILE_SYSTEM

The type of file system

MGMT$ESM_PORTS_LATEST

The MGMT$ESM_PORTS_LATEST view contains the open ports for the host target.

Table 16-25 MGMT$ESM_PORTS_LATEST

Column Description

TARGET_GUID

The GUID of the host target

PORT

The value of the open port (listening mode)

MGMT$ESM_SERVICE_LATEST

The MGMT$ESM_SERVICE_LATEST view contains the insecure services running on the host targets.

Table 16-26 MGMT$ESM_SERVICE_LATEST

Column Description

TARGET_GUID

The GUID of the host target

SERVICE

The port value for the service

MGMT$ESM_STACK_LATEST

The MGMT$ESM_STACK_LATEST view contains the executable stack status for host targets.

Table 16-27 MGMT$ESM_STACK_LATEST

Column Description

TARGET_GUID

The GUID of the host target

EXE_STACK

The status of the executable stack