Curious Audit Record
- From: "Hostetter, Jay M" <JHostetter@xxxxxxxxxxxxxxxxxxxx>
- To: "Oracle Discussion List" <oracle-l@xxxxxxxxxxxxx>
- Date: Thu, 15 Nov 2007 13:24:25 -0500
I have a DBA_AUDIT_TRAIL record that seems to indicate that a user
successfully created a trigger. However, that user only has the "CREATE
SESSION" system privilege, along with object privileges granted through
roles. I'm trying to figure out how this user created or modified the
trigger (which is in another schema). If I look at DBA_OBJECTS, I see
that the timestamps for the trigger (TIMESTAMP and LAST_DDL_TIME )
correspond to the time when this audit record was created. So it looks
like the user actually did modify the trigger (which was preexisting).
I couldn't find any audit records that would indicate that the user was
temporarily granted privileges either. I've tried creating/updating the
trigger in our corresponding test database, but I get the expected
errors (and audit records). Is there some bug that could possibly be
related to this? Am I missing some security loophole? I haven't had
much luck searching Metalink. Just curious if anybody else has run into
this.
We running 9.2.0.7 on AIX.
Thank you,
Jay
TIMESTAMP USERNAME RETURNCODE OWNER OBJ_NAME ACTION_NAME
COMMENT_TEXT
--------- ---------- ---------- -------- ------------
--------------------------- ------------------
14-NOV-07 CSR123 0 MDX TU_TELNO CREATE TRIGGER
UPDATE
**DISCLAIMER
This e-mail message and any files transmitted with it are intended for the use
of the individual or entity to which they are addressed and may contain
information that is privileged, proprietary and confidential. If you are not
the intended recipient, you may not use, copy or disclose to anyone the message
or any information contained in the message. If you have received this
communication in error, please notify the sender and delete this e-mail
message. The contents do not represent the opinion of D&E except to the extent
that it relates to their official business.
Other related posts:
