Posts Subscribe to Revolution ChurchComments

Tuesday, November 18, 2008

ORA-01031 Insufficient Privilege

While using the flashback feature, i encountered the following error message, when i tried to query dba_tables which is owned by sys user.

Select * from dba_tables as of timestamp sysdate-30/1440;
ORA-01031 Insufficient Privilege

The above error message is resulted due to the setting of the init parameter O7_DICTIONARY_ACCESSIBILITY to FALSE.

O7_DICTIONARY_ACCESSIBILITY

Possible Values - False (default) and True

When set to False it restricts the system privilege to access the objects owned by the sys user.
When set to true it allows the access to the objects owned by the SYS user.

In order to access the objects owned by sys user despite setting the parameter to false, you must explicitly grant the following roles,

SELECT_CATALOG_ROLE
EXECUTE_CATALOG_ROLE
DELETE_CATALOG_ROLE

Setting the Parameter to true is not recommended for security reasons. For eg., setting the parameter to true will ignore the parameter remote_login_passwordfile parameter. Hence you can connect to the database remotely and hack the database.
Posted by Vinod Dhandapani at Tuesday, November 18, 2008
Labels: ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Followers

Powered By Blogger
 

Oracle Database Administration. Copyright 2008 All Rights Reserved Revolution Two Church theme by Brian Gardner Converted into Blogger Template by Bloganol dot com