Which has the higher priority in your organization: Deploying a new database or securing the ones you already have?
Looking for a website, and resources, dedicated solely to securing Oracle databases? Check out DBSecWorx.
Purpose
Real Application Security Internal Administration
Utilities
AUTHID
CURRENT_USER
Constants
Name
Data Type
Value
Dependency Types
ROLE_GRANT_PROXY_DEP
PLS_INTEGER
1
SC_INHERIT_DEP
PLS_INTEGER
2
SCOPE_ACL_DEP
PLS_INTEGER
3
ACL_INHERIT_DEP
PLS_INTEGER
4
PROTECT_INST_SET_DEP
PLS_INTEGER
5
GRANT_DENY_PRNC_DEP
PLS_INTEGER
6
ROLE_ROLESET_DEP
PLS_INTEGER
7
Delete Entity Return Values
DELETE_SUCCESS
PLS_INTEGER
0
WARN_DEP_EXISTS
PLS_INTEGER
1
WARN_CONSTRIANTS_EXISTS
PLS_INTEGER
2
Object Creation Status
OBJ_WITH_STATUS_NOT_EXISTS
PLS_INTEGER
0
OBJ_WITH_STATUS_EXISTS
PLS_INTEGER
1
OBJ_WITH_STATUS_EXTERNAL
PLS_INTEGER
2
Non-Operating Schema System Privileges
SPRIV_DBA
PLS_INTEGER
0
SPRIV_CREATE_USER
PLS_INTEGER
1
SPRIV_CREATE_ROLE
PLS_INTEGER
2
SPRIV_DROP_USER
PLS_INTEGER
3
SPRIV_DROP_ROLE
PLS_INTEGER
4
SPRIV_GRANT_ROLE
PLS_INTEGER
5
SPRIV_ALTER_USER
PLS_INTEGER
6
SPRIV_ALTER_ROLE
PLS_INTEGER
7
Triton Admin Audit Actions
AUDIT_CREATE_USER
PLS_INTEGER
1
AUDIT_UPDATE_USER
PLS_INTEGER
2
AUDIT_DELETE_USER
PLS_INTEGER
3
AUDIT_CREATE_ROLE
PLS_INTEGER
4
AUDIT_UPDATE_ROLE
PLS_INTEGER
5
AUDIT_DELETE_ROLE
PLS_INTEGER
6
AUDIT_GRANT_ROLE
PLS_INTEGER
7
AUDIT_REVOKE_ROLE
PLS_INTEGER
8
AUDIT_ADD_PROXY
PLS_INTEGER
9
AUDIT_REMOVE_PROXY
PLS_INTEGER
10
AUDIT_SET_PASSWORD
PLS_INTEGER
11
AUDIT_SET_VERIFIER
PLS_INTEGER
12
AUDIT_CREATE_ROLESET
PLS_INTEGER
13
AUDIT_UPDATE_ROLESET
PLS_INTEGER
14
AUDIT_DELETE_ROLESET
PLS_INTEGER
15
AUDIT_CREATE_SECURITY_CLASS
PLS_INTEGER
16
AUDIT_UPDATE_SECURITY_CLASS
PLS_INTEGER
17
AUDIT_DELETE_SECURITY_CLASS
PLS_INTEGER
18
AUDIT_CREATE_NAMESPACE
PLS_INTEGER
19
AUDIT_UPDATE_NAMESPACE
PLS_INTEGER
20
AUDIT_DELETE_NAMESPACE
PLS_INTEGER
21
AUDIT_CREATE_ACL
PLS_INTEGER
22
AUDIT_UPDATE_ACL
PLS_INTEGER
23
AUDIT_DELETE_ACL
PLS_INTEGER
24
AUDIT_CREATE_DATA_SECURITY
PLS_INTEGER
25
AUDIT_UPDATE_DATA_SECURITY
PLS_INTEGER
26
AUDIT_DELETE_DATA_SECURITY
PLS_INTEGER
27
AUDIT_ENABLE_DATA_SECURITY
PLS_INTEGER
28
AUDIT_DISABLE_DATA_SECURITY
PLS_INTEGER
29
AUDIT_ENABLE_ROLE
PLS_INTEGER
33
AUDIT_DISABLE_ROLE
PLS_INTEGER
34
AUDIT_SET_PROFILE
PLS_INTEGER
47
AUDIT_GRANT_PRIVILEGE
PLS_INTEGER
48
AUDIT_REVOKE_PRIVILEGE
PLS_INTEGER
49
DBMS_XS_AUDLIST Indices
AUD_TARGETPNAME
PLS_INTEGER
1
AUD_PROXYUNAME
PLS_INTEGER
2
AUD_POLICYNAME
PLS_INTEGER
3
AUD_SCHEMANAME
PLS_INTEGER
4
AUD_ENABLEDROLE
PLS_INTEGER
5
AUD_OBJOWN
PLS_INTEGER
6
AUD_OBJNAME
PLS_INTEGER
7
Auditing Entity Types
AUD_ENTITY_TYPE_USER
PLS_INTEGER
1
AUD_ENTITY_TYPE_SECURITY_CLASS
PLS_INTEGER
2
AUD_ENTITY_TYPE_ACL
PLS_INTEGER
3
AUD_ENTITY_TYPE_ROLE
PLS_INTEGER
4
AUD_ENTITY_TYPE_DATA_SECURITY
PLS_INTEGER
5
AUD_ENTITY_TYPE_ROLESET
PLS_INTEGER
6
AUD_ENTITY_TYPE_NSTEMPL
PLS_INTEGER
7
Data Types
TYPE DBMS_XS_AUDLIST IS VARRAY(7) OF VARCHAR2(4000);
xs_admin_int.admin_audit(
act IN PLS_INTEGER,
auderr IN PLS_INTEGER,
entitytype IN PLS_INTEGER,
audrec_index1 IN PLS_INTEGER := 0,
audrec1 IN VARCHAR2 := NULL,
audrec_index2 IN PLS_INTEGER := 0,
audrec2 IN VARCHAR2 := NULL,
audrec_index3 IN PLS_INTEGER := 0,
audrec3 IN VARCHAR2 := NULL);
xs_admin_int.check_permissions(
obj_name IN VARCHAR2,
obj_type IN PLS_INTEGER,
sys_priv IN PLS_INTEGER := NULL,
scope IN PLS_INTEGER := 1,
aclid IN NUMBER := NULL,
access_type IN PLS_INTEGER := NULL,
tab_schema IN VARCHAR2 := NULL,
check_any_privs IN BOOLEAN := FALSE);
PRAGMA SUPPLEMENTAL_LOG_DATA(check_permission, READ_ONLY);
xs_admin_int.create_dependency(
dep_type IN PLS_INTEGER,
obj_name1 IN VARCHAR2,
obj_type1 IN PLS_INTEGER,
obj_id1 IN OUT NUMBER,
obj_name2 IN VARCHAR2,
obj_type2 IN PLS_INTEGER,
obj_id2 IN OUT NUMBER);
xs_admin_int.delete_dependency(
dep_type IN PLS_INTEGER,
obj_name1 IN VARCHAR2,
obj_type1 IN PLS_INTEGER,
obj_id1 IN OUT NUMBER,
obj_name2 IN VARCHAR2,
obj_type2 IN PLS_INTEGER,
obj_id2 IN OUT NUMBER);
xs_admin_int.get_entity_id(
obj_name IN VARCHAR2,
obj_type IN PLS_INTEGER,
obj_status OUT PLS_INTEGER,
obj_schema OUT VARCHAR2,
obj_oname OUT VARCHAR2,
obj_id OUT NUMBER);
PRAGMA SUPPLEMENTAL_LOG_DATA(get_entity_id, READ_ONLY);
Parse and validates a RAS Qualified name (schema_name.entity_name)
xs_admin_int.validate_entity_name(
obj_name IN VARCHAR2,
obj_type IN PLS_INTEGER,
obj_schema OUT VARCHAR2,
obj_ename OUT VARCHAR2);
PRAGMA SUPPLEMENTAL_LOG_DATA(validate_entity_name, READ_ONLY);