000028811 - KB-1044 - Creating a Reduced Privileged Linux Account on the ACM Database Server

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000028811
Applies ToAffected Versions: 3.5.X
ResolutionIt is possible to create another database user by executing the following SQL:
1. Create the user (from SYS account)
 
SQL> Create USER ACMREPORTER identified by ACMREPORTER;
SQL> grant connect to ACMREPORTER;
SQL> grant create session to ACMREPORTER;
 

2. Say you then create this sample view (from AVUSER account) and then make it public
 
SQL> CREATE or REPLACE VIEW HAPPY_ACM_USERS AS
SQL> SELECT FIRST_NAME, LAST_NAME FROM T_MASTER_ENTERPRISE_USERS WHERE rownum < 10;

SQL> CREATE PUBLIC SYNONYM HAPPY_ACM_USERS for avuser.HAPPY_ACM_USERS;

3. Then individual “grant” instructions are set for each view/table you want that user to see (from SYS account)
 
SQL> grant SELECT on HAPPY_ACM_USERS to ACMREPORTER;

4. Now the ACMREPORTER user can issue the following query
 
SQL> select * from HAPPY_ACM_USERS;

Attachments

    Outcomes