• OCP-1Z0-052-V8.02-155题


    155. The user HR owns the EMP table. The user HR grants privileges to the user SCOTT by using this

    command:

    SQL> GRANT SELECT,INSERT,UPDATE ON emp TO scott WITH GRANT OPTION;

    The user SCOTT executes this command to grant privileges to the user JIM:

    SQL> GRANT SELECT,INSERT,UPDATE ON hr.emp TO jim;

    Now, the user HR decides to revoke privileges from JIM using this command:

    SQL> REVOKE SELECT,INSERT,UPDATE ON emp FROM jim;

    Which statement is true after HR issues the REVOKE command?

    A.The command fails because SCOTT still has privileges.

    B.The command succeeds and privileges are revoked from JIM.

    C.The command fails because HR cannot revoke the privileges from JIM.

    D.The command succeeds and only HR has the privilege to perform the SELECT, INSERT, and UPDATE

    operations on the EMP table.

    Answer: C  

     

    现象重现:

     

    hr将DML操作emp表的权限给scott,并且scott有传递权限,scott将此权限传递给jim,此时hr想将jim的权限收回,出错,

    因为hr没有授予过权限给jim,此时jim可以DML操作EMP表,当hr将scott的权限收回时,jim不能再查询等操作。

    1、hr将DML操作emp表的权限给scott,并且scott有传递权限。

    hr@TEST0910> grant select,insert,update on employees to scott with grant option;
     
    Grant succeeded.
     
    hr@TEST0910> conn /as sysdba
    Connected.
    sys@TEST0910> create user jim identified by jim;
     
    User created.
    2、scott将此权限传递给jim。
    sys@TEST0910> conn scott/tiger
    Connected.
    scott@TEST0910> grant select,insert,update on hr.employees to jim;
     
    Grant succeeded.
     
    3、hr想将jim的权限收回,出错。
    scott@TEST0910> conn hr/hr
    Connected.
    hr@TEST0910> revoke select,insert,update on employees from jim;
    revoke select,insert,update on employees from jim
    *
    ERROR at line 1:
    ORA-01927: cannot REVOKE privileges you did not grant
     
    4、DBA将连接数据库权限给jim,jim登陆,可以访问hr的表。
    hr@TEST0910> conn jim/jim
    ERROR:
    ORA-01045: user JIM lacks CREATE SESSION privilege; logon denied
     
     
    Warning: You are no longer connected to ORACLE.
    hr@TEST0910> conn /as sysdba
    Connected.
    sys@TEST0910> grant create session to jim;
     
    Grant succeeded.
     
    sys@TEST0910> conn jim/jim
    Connected.
    jim@TEST0910> select * from hr.employees;
     
    EMPLOYEE_ID FIRST_NAME           LAST_NAME                 EMAIL
    ----------- -------------------- ------------------------- -------------------------
    PHONE_NUMBER         HIRE_DATE JOB_ID         SALARY COMMISSION_PCT MANAGER_ID DEPARTMENT_ID
    -------------------- --------- ---------- ---------- -------------- ---------- -------------
            198 Donald               OConnell                  DOCONNEL
    650.507.9833         21-JUN-07 SH_CLERK         2600    
     
    5、当hr把DML操作emp表操作的权限从scott收回后,jim无法访问hr的表了。
    jim@TEST0910> conn hr/hr
    Connected.
    hr@TEST0910> revoke select,insert,update on employees from scott;
     
    Revoke succeeded.
     
    hr@TEST0910> conn jim/jim
    Connected.
    jim@TEST0910> select * from hr.employees;
    select * from hr.employees
                     *
    ERROR at line 1:
    ORA-00942: table or view does not exist
  • 相关阅读:
    【Python大系】Python快速教程
    【Linux大系】Linux的概念与体系
    【Java大系】Java快速教程
    【夯实PHP系列】PHP正则表达式
    【PHP夯实基础系列】PHP日期,文件系统等知识点
    【夯实PHP系列】购物车代码说明PHP的匿名函数
    2016.09.21 公司裁员想到的
    使用android-junit-report.jar导出单元测试报告
    APK无源码使用Robotium简单总结
    Android环境安装简单总结
  • 原文地址:https://www.cnblogs.com/hzcya1995/p/13317246.html
Copyright © 2020-2023  润新知