| user privileges changed misteriously [message #567223] |
Tue, 25 September 2012 07:56  |
sstellini
Messages: 32
Registered: April 2005
Location: Malta
|
Member |
|
|
We had a strange case few days ago where a developer lost her privileges all of a sudden. She's claiming she didn't change them and no one else could have done it apart from her (DBA wasn't around on those days). We didn't have the audit ALTER USER set up yet so can't check who did it exactly, by using the audit log.
Does anyone know if there is another way to check if she had done it anyway, or if there is perhaps a bug that could cause this (in Toad ver 7.6, Oracle 9i)?
|
|
|
|
|
|
| Re: user privileges changed misteriously [message #567227 is a reply to message #567224] |
Tue, 25 September 2012 08:09  |
sstellini
Messages: 32
Registered: April 2005
Location: Malta
|
Member |
|
|
|
I'm taking about oracle db privileges. She had ALTER USER privilege, so she could change her or someone else privileges and Toad is the tool that allows you to do that, apart from other things.. She claims she didn't change any of her privileges and I'd like to know if there is a way to prove her right or wrong, which ever. As I said, I didn't have 'audit ALTER USER' set up at that time..
|
|
|
|
|
|
|
|
| Re: user privileges changed misteriously [message #567283 is a reply to message #567263] |
Wed, 26 September 2012 02:59 |
sstellini
Messages: 32
Registered: April 2005
Location: Malta
|
Member |
|
|
Erm..
GRANT ALTER USER TO User1 works fine for me..
Anyway, she needs to have that system privilege (thanks for correcting), as she works as a support girl too (we're a small company).
But what I'm trying to find out is if there is another way to check if she had re-stetted her privileges, or if there is perhaps a bug that could cause this to happen.. she was using an old version of Toad (7.6), leaving it on all the time etc.. I didn't find yet that it is possible to check this (Oracle 9i is what we have), but just in case I've posted the question here too..
btw, I've set up the audit on ALTER USER so I will know from now on if that happens again, but for the past week I didn't have that audit set up..
|
|
|
|
|
|
| Re: user privileges changed misteriously [message #567285 is a reply to message #567284] |
Wed, 26 September 2012 03:41 |
sstellini
Messages: 32
Registered: April 2005
Location: Malta
|
Member |
|
|
Thanks Michel,
will see about Log Miner - haven't used it yet..
But why do you think that audit on ALTER USER is useless - it gives me the info that someone changed ie altered user ie: who did it, which user got changed and when and that's useful to me. Maybe I'm missing something.
|
|
|
|
|
|
|
|
] 
Blog
Search
Help
Members
Register
Login
Home
