create user test identified by test;
grant create session to test;
conn test/test;
就可以看到所有用户:
select * from all_users;
由于系统中大部分用户密码是弱密码,甚至部分密码和用户名一样,就容易给部分别有用心的用户以可乘之机。
如何关闭这种情况呢,让普通用户不能查看系统中有哪些用户?
答案是肯定的。
作者: denglj 时间: 2022-4-16 22:53
系统:CentOS 7.6
数据库:11.2.0.4
SQL> create user xiaoqiang identified by xiaoqiang default tablespace users;
User created.
SQL> grant create session to xiaoqiang;
Grant succeeded.
SQL> conn xiaoqiang/xiaoqiang;
Connected.
SQL> select username from all_users where rownum<=2;
USERNAME
------------------------------
SYS
SYSTEM
SQL> conn / as sysdba
Connected.
SQL> revoke select on sys.all_users from public;
Revoke succeeded.
SQL> conn xiaoqiang/xiaoqiang;
Connected.
SQL> select username from all_users;
select username from all_users
ERROR at line 1:
ORA-00942: table or view does not exist
SQL> conn / as sysdba
Connected.
SQL> create user xiaohua identified by xiaohua;
User created.
SQL> grant create session to xiaohua;
Grant succeeded.
SQL> conn xiaohua/xiaohua;
Connected.
SQL> select count(*) from all_users;
select count(*) from all_users
*
ERROR at line 1:
ORA-00942: table or view does not exist
SQL> conn / as sysdba
Connected.
SQL> select username,account_status from dba_users where username='SCOTT';
USERNAME ACCOUNT_STATUS
------------------------------ --------------------------------
SCOTT EXPIRED & LOCKED
SQL> alter user scott account unlock;
User altered.
SQL> alter user scott identified by scott;
User altered.
SQL> select count(*) from all_users;
select count(*) from all_users
*
ERROR at line 1:
ORA-00942: table or view does not exist