Snippet Name: Find Dangerous Users Description: Finds users with dangerous assigned roles/grants Also see:» Add PSOUG Search to SQL Developer » Converting Rows to Columns » Database Links: CURRENT_USER » Instant Test Database with DCBA » Show info on current context » Lookup Oracle error messages » Display and release DBMS_LOCK locks » Display locks and latches » Show rollback segment stats » Show active transactions » List supported INIT.ORA parameters » Display database SGA statistics » Measure the Buffer Cache Hit Ratio » List security related profile informat... » Find users with deadly privileges » Audit User Logins (User Login Trigger) » Block TOAD and other tools » Kill Session » Extents » DBA Users » DBA Tablespaces » DBA triggers » DBA Sessions » DBA Roles » DBA Objects » DBA Links » DBA Jobs » Job Queue » DBA Free Space » Data Files Comment: (none) Language: PL/SQL Highlight Mode: PLSQL Last Modified: February 27th, 2009
Description: Finds users with dangerous assigned roles/grants
Also see:» Add PSOUG Search to SQL Developer » Converting Rows to Columns » Database Links: CURRENT_USER » Instant Test Database with DCBA » Show info on current context » Lookup Oracle error messages » Display and release DBMS_LOCK locks » Display locks and latches » Show rollback segment stats » Show active transactions » List supported INIT.ORA parameters » Display database SGA statistics » Measure the Buffer Cache Hit Ratio » List security related profile informat... » Find users with deadly privileges » Audit User Logins (User Login Trigger) » Block TOAD and other tools » Kill Session » Extents » DBA Users » DBA Tablespaces » DBA triggers » DBA Sessions » DBA Roles » DBA Objects » DBA Links » DBA Jobs » Job Queue » DBA Free Space » Data Files
conn / AS sysdba SELECT grantee, granted_role, admin_option FROM sys.dba_role_privs WHERE granted_role IN ('DBA', 'AQ_ADMINISTRATOR_ROLE', 'EXP_FULL_DATABASE', 'IMP_FULL_DATABASE', 'OEM_MONITOR') AND grantee NOT IN ('SYS', 'SYSTEM', 'OUTLN', 'AQ_ADMINISTRATOR_ROLE', 'DBA', 'EXP_FULL_DATABASE', 'IMP_FULL_DATABASE', 'OEM_MONITOR', 'CTXSYS', 'DBSNMP', 'IFSSYS', 'IFSSYS$CM', 'MDSYS', 'ORDPLUGINS', 'ORDSYS', 'TIMESERIES_DBA')
