2.2.4 Authorization

This topic provides information on oracle database authorization.

The init.ora parameter _TRACE_FILES_PUBLIC grants file system read access to anyone who has activated SQL tracing. Set this to its default value of False.

_TRACE_FILES_PUBLIC=FALSE

Set the init.ora parameter REMOTE_OS_ROLES to False to prevent insecure remote roles.

REMOTE_OS_ROLES=FALSE

Set O7_DICTIONARY_ACCESSIBILITY to False to prevent users with Select ANY privilege from reading data dictionary tables. False is the default for the 10g database.

O7_DICTIONARY_ACCESSIBILITY = FALSE