Access Control Lists in 11g
- From: Christoph <cruepprich@xxxxxxxxx>
- To: oracle-l@xxxxxxxxxxxxx
- Date: Fri, 20 Aug 2010 14:53:40 -0500
Hi all,
As I was experimenting and learing about creating ACLs, I came accross
this issue:
I created an ACL, acl_1, and assigned it to a host, host_1.
The table dba_network_acls showed the following:
HOST LOWER_PORT UPPER_PORT ACL ACLID
host1
/sys/acls/acl_1.xml 8E46769AA13863BCE040320A58064404
Then I created another ACL, acl_2, and assigned it also to host_1.
When I checked dba_network_acls I saw:
HOST LOWER_PORT UPPER_PORT ACL ACLID
host1
/sys/acls/acl_2.xml 8E46769AA13863BCE040320A58064404
acl_2 replaced acl_1!
I assume that this is Oracle's normal behavior, but I haven't found
anything in the documentation that hints to the fact that when you
assign a second ACL to a host that already has an ACL assignment, the
first ACL assignment gets replaced by the second.
Is there a way to somehow allow two ACLs for a single host?
Consider this scenario:
acl_1 is assigned to host_1 and host_2.
Now I want to have a particular user to only have access to host_1. If
I add the user to acl_1, then the privileges for that user will be in
effect for host_1 and host_2.
How can I have this new user only have access to host_1?
Thanks,
Christoph
--
"Men do not quit playing because they grow old; they grow old because
they quit playing."
- Justice Oliver Wendell Holmes
--
//www.freelists.org/webpage/oracle-l
Other related posts:
