So the CREATE USER selectuser IDENTIFIED BY selectuser ACCOUNT UNLOCK;
Grant select any table to selectuser;
Grant connect to selectuser;
Grant select any dictionary to selectuser;
Create the selectuser user
And then found that the user queries using selectuser a table under a user to query the content the select * from user01. Table01 (no content query results only column names)
But using user user01 query can query the watch is the table01 content in addition to use in the sys user can query the table content
Then assign the dba permissions to selectuser users through normal login will not be able to query the content also is not an error in the table
Through the sysdba login can query to the table content
Selectuser users without giving the dba privileges can query to the other table of contents under user01 table01 cannot only query
Now how in selectusers only query jurisdictions to query the contents of the table01?
Another query table01 built predicate sentence is indeed indexed under user user01
And query statements for the select * from user01. Table01 executed and user01 with sys user at the same time the same sql_id
But individually select count (*) from user01. Table01 results different
Sys user results for 120000 user01 execution results for 10000
The above is the problem I met in the real world just under the user name and the name of the table to replace the
Aix 6.1 system oracle 10.2.0.4
Please god give some advice
CodePudding user response:
The measured, found no problem, you saidIf operation is not a library, the latter, ignores the specific details
CodePudding user response:
Thank you for your support for oracle table has a row level access is related to theIn the same library
Sys user and user user01 select count (*) from table01 results of different
I again take a closer look at the building there is the existence of the VDP predicate sentence
CodePudding user response:
If it is data access control, that is normalCodePudding user response:
VDP role is the user to automatically add a where clause in the query table conditions, so a list with different user queries to get different results are normalCodePudding user response:
There is A problem the user under A table set up A data access control sys user can view to all of the data the user can see the part B all other users to view the results for A null value now wants to add A user C he can see the A and B authorized users how to set up the content of the same?CodePudding user response:
VDP should have set a custom user data permissions list, find the table, the user data is copied to the user of the C B