Removing ALL_ views from users

• From: Dennis Williams <oracledba.williams@xxxxxxxxx>
• To: "oracle-l@xxxxxxxxxxxxx" <oracle-l@xxxxxxxxxxxxx>
• Date: Mon, 30 Mar 2009 09:32:28 -0500

List,

Some security auditors are stating that the ALL_ views are a security risk
and are recommending that I revoke them. In particular, they are pointing to
ALL_USERS as offering a hacker useful information. My guess is that the ALL_
views are granted to PUBLIC. Has anyone had this requirement? Has anyone
successfully revoked this access?

Dennis

• Follow-Ups:
  • Re: Removing ALL_ views from users
    • From: Andrew Kerber

Other related posts:

• » Removing ALL_ views from users - Dennis Williams
• » Re: Removing ALL_ views from users- Andrew Kerber
• » Re: Removing ALL_ views from users- Dennis Williams
• » Re: Removing ALL_ views from users- Mayen . Shah
• » Re: Removing ALL_ views from users- Dennis Williams
• » Re: Removing ALL_ views from users- Guillermo Alan Bort
• » Re: Removing ALL_ views from users- Mayen . Shah
• » Re: Removing ALL_ views from users- Dennis Williams

1. Home
2. oracle-l
3. Archive
4. 03-2009

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---