Thursday, October 23, 2008

Database Vault Example

# Using Database Vault to stop SYS from selecting from a table

1. login to the Database Vault console
2. create a new Realm, and add table robert.test as a Realm Secured Object
3. check who has priveleges on the object

SQL> connect robert/password
Connected.
SQL> grant select on test to robert2;

Grant succeeded.

SQL> connect robert2/password
Connected.
SQL> select * from robert.test;

ID
----------
1

SQL> connect sys as sysdba
Enter password:
Connected.
SQL> select * from robert.test;
select * from robert.test
*
ERROR at line 1:
ORA-01031: insufficient privileges


SQL> connect dvowner
Enter password:
Connected.
SQL> select * from robert.test;

ID
----------
1