Find Users With Deadly Privileges

Description: Finds database users with deadly system privileges assigned to them.

conn / AS sysdba
 
SELECT grantee, privilege, admin_option
FROM   sys.dba_sys_privs
WHERE  (privilege LIKE '% ANY %'
  OR   privilege IN ('BECOME USER', 'UNLIMITED TABLESPACE')
  OR   admin_option = 'YES')
 AND   grantee NOT IN ('SYS', 'SYSTEM', 'OUTLN', 'AQ_ADMINISTRATOR_ROLE',
                       'DBA', 'EXP_FULL_DATABASE', 'IMP_FULL_DATABASE',
                       'OEM_MONITOR', 'CTXSYS', 'DBSNMP', 'IFSSYS',
                       'IFSSYS$CM', 'MDSYS', 'ORDPLUGINS', 'ORDSYS',
                       'TIMESERIES_DBA')
/

Enjoyed this post? Share it!

 

Leave a comment

Your email address will not be published.