PSOUG Home Code Snippets Oracle Lookup Oracle Reference Oracle Error Codes Oracle Functions PSOUG Forum


CODE
Oracle Code Library
JOBS
Find Or Post Oracle Jobs
FORUM
Oracle Discussion & Chat
PSOUG Home Code Snippets Oracle Reference Oracle Functions PSOUG Forum Oracle Blogs Bookmark and Share
 
 Search the Reference Library pages:  

Free
Oracle Magazine
Subscriptions
and Oracle White Papers

Oracle Product User Profile
Version 11.1
 
Create Profile - Disable Commands
Source -- must be run as SYSTEM

{$ORACLE_HOME}\sqlplus\admin\pupbld.sql
Data Dictionary Objects product_profile
product_user_profile
SQL*Plus commands that can be disabled
COPY EXIT QUIT SPOOL
DECLARE GET RUN START
EDIT HOST SAVE  
EXECUTE PASSWORD SET  
SQL commands that can be disabled
ALTER DELETE NOAUDIT SET ROLE
ANALYZE DROP RENAME SET TRANSACTION
AUDIT GRANT REVOKE TRUNCATE
CONNECT INSERT SELECT UPDATE
CREATE LOCK SET CONSTRAINTS  
To disable commands To disable a SQL or SQL*Plus command for a given user, insert a row containing the user's username in the USERID column, the command name in the ATTRIBUTE column, and DISABLED in the CHAR_VALUE column.

INSERT INTO product_user_profile
VALUES
(<product_name>, <schema_name>, <SQL Command>, NULL, NULL,
'DISABLED', NULL, NULL);
INSERT INTO system.product_user_profile
(product, userid, attribute, scope, numeric_value, char_value, date_value, long_value)
 VALUES
('SQL*Plus', 'UWCLASS', 'SELECT', NULL, NULL, 'DISABLED', NULL, NULL);

COMMIT;
To disable a role for all users When you enter "PUBLIC" or "%" for the USERID column, you disable the role for all users.

During login, these table rows are translated into the command

SET ROLE ALL EXCEPT ROLE1, ROLE2
INSERT INTO system.product_user_profile
(product,userid, ...)
VALUES
('SQL*PLUS', PUBLIC, ...)

or

('SQL*PLUS', '%', ...)

COMMIT;
Disable Host Command To prevent shelling out to the operating system
INSERT INTO system.product_user_profile
(product,userid,attribute,scope,numeric_value,char_value)
VALUES
('SQL*Plus', '%', 'HOST', NULL, NULL, 'DISABLED');

COMMIT;
 
Drop Profile - Re-enable Commands
To re-enable commands Delete the row containing the restriction.
DELETE FROM product_user_profile WHERE userid = 'UWCLASS';
 
Related Topics
Consumer Groups
Profiles
Roles
Users
 
Home      :      Code Library      :      Sponsors      :      Privacy      :      Terms of Use      :      Contact Us [184 users online]    © 2010 psoug.org