| Revoke query [message #152180] |
Wed, 21 December 2005 09:25  |
Rishi Mahajan
Messages: 29
Registered: April 2005
Location: India
|
Junior Member |
|
|
Hi grp
While checking my production db, i have observed that
someone has granted DBA to PUBLIC. As a result of
this, when im creating a new user, it is by default
getting the DBA privileges. Now, I want to know the
cascading effect of running REVOKE DBA from PUBLIC. Is
it going to affect any existing procedures and
functions. What will be the cascading effects?
Thx in advance
Rishi
|
|
|
|
| Re: Revoke query [message #152213 is a reply to message #152180] |
Wed, 21 December 2005 12:58  |
smartin
Messages: 1803
Registered: March 2005
Location: Jacksonville, Florida
|
Senior Member |
|
|
Others such as Mahesh will probably have a better answer for you than I, as that is their area, but my suggestion would be to:
1. Immeidately evaluate who has access to grant the dba role to begin with, and restrict / remove folks from being able to do so. I don't see how granting DBA to public in production is an excusable act that should be tolerated or allowed again. Massive red flags should be going off in your head.
2. Backup production as is if not already done so and restore it to a test environment. Do the revoke there, and test your apps for any issues that arise. Hopefully none of your development was done with the assumption that all of the users would be DBA's. You can also read the sections in docs about revoke and cascading effects, but testing is the only way to know about your particular database and code and apps.
|
|
|
|
] 
Blog
Search
Help
Members
Register
Login
Home
