Which has the higher priority in your organization: Deploying a new database or securing the ones you already have?
Looking for a website, and resources, dedicated solely to securing Oracle databases? Check out DBSecWorx.
Purpose
Manages Oracle Label Security policies, such as creating, altering and or disabling.
AUTHID
DEFINER
Dependencies
DBMS_ASSERT
LBAC$USER_LIBT
LBAC_UTL
DBMS_DATAPUMP
LBAC_CACHE
OLS$POL
DBMS_PRIV_CAPTURE
LBAC_LGSTNDBY_UTIL
OLS$POLT
DBMS_SQL
LBAC_SERVICES
OLS_UTIL_WRAPPER
DBMS_STANDARD
LBAC_STANDARD
SA_SYSDBA
Documented
No
Exceptions
Error Code
Reason
ORA-12458
Oracle Label Security not enabled
First Available
10.1
Policy Enforcement Options
ALL_CONTROL
LABEL_DEFAULT
READ_CONTROL
CHECK_CONTROL
LABEL_UPDATE
UPDATE_CONTROL
DELETE_CONTROL
NO_CONTROL
WRITE_CONTROL
INSERT_CONTROL
Security Model
Owned by LBACSYS with no privileges granted.
-- sys must perform the following
GRANT inherit privileges ON USER sys TO lbacsys;
GRANT lbac_dba to SYS;
lbac_sysdba.alter_policy(
policy_name IN VARCHAR2,
default_options IN VARCHAR2,
column_name IN VARCHAR2,
username IN VARCHAR2,
create_policy IN BOOLEAN);