Oracle Magazine, July/August 2017
Database Developer PL SQL ORACLE MAGAZINE JULY AUGUST 2017 86 ORA 06598 insufficient INHERIT PRIVILEGES privilege ORA 06512 at NEW_ CODER SHOW_ TODOS line 1 No more privilege escalation When TM executes NCs code the invoker rights setting AUTHID CURRENT_ USER cannot take advantage of the privileges of the invoker in this case TM INHERIT PRIVILEGES and INHERIT ANY PRIVILEGES regulate the privileges with which a user in this case TM executes an invokers rights procedure owned by NC When a user runs an invokers rights procedure Oracle Database checks it to ensure that the procedure owner has the INHERIT PRIVILEGES privilege on the invoking user or if the owner has been granted the INHERIT ANY PRIVILEGES privilege If the privilege check fails Oracle Database will return an error ORA 06598 insufficient INHERIT PRIVILEGES privilege The bottom line benefit of these two privileges is that they give invoking users control over who can access their privileges when they run an invokers rights program unit CONCLUSION Oracle Database has always offered a very high level of security for DBAs as well as developers With Oracle Database 12c you now have available to you an unprecedented level of granularity and protection By assigning privileges via roles to program units you can follow the least privilege principle and make sure that no user can do anything more than is needed With the INHERIT PRIVILEGES privilege
You must have JavaScript enabled to view digital editions.
