Oracle Database 12c INHERIT PRIVILEGES Privilege (PL/SQL Security) Tutorial
Oracle Database Security Tutorial for PL/SQL
Historically, we had definer’s rights and invoker’s rights. Definer’s rights code lets the invoker escalate his privileges, invoker’s rights code lets the definer escalate his privileges. Big problem! And the use of roles complicated things further. We have all been caught out by misunderstanding how roles are applied (or not) within PL/SQL. Oracle Database 12c tidies this up, with the INHERIT [ANY] PRIVILEGE privilege, and the ability to grant roles to program units. It is enabled by default, so make sure you understand it.
Presented by Oracle Certified Master John Watson, SkillBuilders’ Director of Oracle Database Services.
Be sure to see our free tutorial that shows how the 12c INHERIT PRIVILEGES privilege can prevent SQL injection!
This free Oracle 12c PL/SQL Security tutorial is segmented into several separate lessons:
- Introduction (1:20)
- Tutorial Agenda (4:11)
- Review: Definer and Invoker’s Rights (We’d bet you didn’t know all this.) (16:51)
- Review: Roles and PL/SQL (6:21)
- 12c INHERIT PRIVILEGES Privilege (6:47)
- 12c Granting Roles to Procedures (6:37)
- 12c Bequeath Views (1:44)
- 12c PL/SQL Security Summary (3:57) (click on video below)
Date: Aug 28, 2013
NOTE: Some corporate firewalls will not allow videos hosted by YouTube.