Oracle 参数 SQL92_SECURITY 官方解释,作用,如何配置最优化建议

本站中文解释

SQL92_SECURITY参数是用于控制语句的安全性的参数。当设置为TRUE时,Oracle将只允许拥有SELECT和ASSERT对象权限的用户存取可以检索出数据的SELECT语句。当设置为FALSE时,Oracle并不执行任何查询时的访问控制检查,允许客户端应用程序使用任何SELECT语句。

正确设置SQL92_SECURITY参数时,建议将该参数设置为TRUE。因为这样有助于加强系统的安全性,从而避免发生一些未受控制的数据访问行为。

官方英文解释

SQL92_SECURITY specifies whether users must have been granted the SELECT privilege on a table to execute an UPDATE or DELETE statement that references table column values in a WHERE or SET clause.

Property Description

Parameter type

Boolean

Default value

true

Modifiable

No

Modifiable in a PDB

Yes

Range of values

true | false

Basic

No

The SQL standard specifies that security administrators should be able to require that users have SELECT privilege on a table when executing an UPDATE or DELETE statement that references table column values in a WHERE or SET clause.

Values

  • true

    The user must have SELECT privilege on a column to reference it in the WHERE clause of a DELETE or UPDATE statement, on the right hand side of an assignment in the SET clause of an UPDATE statement.

  • false

    A user with DELETE privilege on the target table of a DELETE statement may reference any column of that target table in the WHERE clause. A user with UPDATE privilege on the target table of an UPDATE statement may reference any column of that target in the WHERE clause or on the right hand side of any assignment in the SET clause of the UPDATE statement.


数据运维技术 » Oracle 参数 SQL92_SECURITY 官方解释,作用,如何配置最优化建议