Oracle DBMS_MACOLS_SESSION
Version 18.3.0.1

General Information
Library Note Morgan's Library Page Header
For how many years have you been working with physical servers? Software Defined Servers can improve performance and security while lowering complexity and cost. With Software Defined Servers you define servers with an optimum configuration to your environment rather than being memory starved and cpu over-provisioned. Find out how you can improve your computing environment with TidalScale. your friends.
 
Purpose Provides integration between Database Vault and Label Security's LBACSYS.SA_SESSION package
AUTHID DEFINER
Constants
Name Data Type Value
Audit Action Code
G_MAC_OLS_UPGRADE_AUDIT_CODE PLS_INTEGER 10010
Dependencies
CODE$ DV$CODE OLS$LAB
DBMS_MACAUD MAC_POLICY$ OLS$POL
DBMS_MACOLS NUMERIC_DOMINATES SA_SESSION
DBMS_MACUTL NUMERIC_LABEL_TO_CHAR SA_UTL
DBMS_STANDARD NUMERIC_STRICTLY_DOMINATES TO_NUMERIC_LABEL
Documented No
Exceptions
Error Code Reason
ORA-47907 Database Vault associated OLS policy <policy_name> not fully configured
First Available 18.1.0.0
Security Model Owned by DVSYS with EXECUTE granted to PUBLIC
Source {ORACLE_HOME}/rdbms/admin/dbmsmacp.sql
Subprograms
 
CAN_SET_LABEL
Determines whether a label be set under MAC OLS for this policy beyond max session label dbms_macols_session.can_set_label(
policy_name IN VARCHAR2,
label       IN VARCHAR2)
RETURN NUMBER;
TBD
 
IS_MAC_LABEL_SET
Determines if the max_session_label of the mac OLS policy is set dbms_macols_session.is_mac_label_set(
policy_name IN VARCHAR2)
RETURN NUMBER;
SELECT dvsys.dbms_macols_session.is_mac_label_set('UWSecPol')
FROM dual;

DVSYS.DBMS_MACOLS_SESSION.IS_MAC_LABEL_SET('UWSECPOL')
------------------------------------------------------
                                                     0
 
IS_MAC_POLICY
Returns 1if the OLS policy is protected by MAC OLS under DV dbms_macols_session.is_mac_policy(policy_name IN VARCHAR2)
RETURN NUMBER;
SELECT dvsys.dbms_macols_session.is_mac_policy('UWSecPol')
FROM dual;

DVSYS.DBMS_MACOLS_SESSION.IS_MAC_POLICY('UWSECPOL')
---------------------------------------------------
                                                  0
 
LABEL_AUDIT_RAISE
Audit invalid attempt to set/change the label for a policy beyond max session label and raise the appropriate exception. This procedure is invoked by sa_session.set_label, sa_session.set_access_profile, and sa_session.restore_default_labels in two cases: the label to set is beyond the max session label;
or the max_session_label is NULL.
dbms_macols_session.label_audit_raise(
policy_name IN VARCHAR2,
label       IN VARCHAR2,
proc_name   IN VARCHAR2);
PRAGMA SUPPLEMENTAL_LOG_DATA(label_audit_raise, NONE);
TBD
 
RESTORE_DEFAULT_LABELS
MAC OLS processing to merge default session label for a policy with the labels of any factors associated to the policy after the SA_SESSION restore_default_labels method is called dbms_macols_session.restore_default_labels(
policy_name     IN  VARCHAR2,
x_session_label OUT VARCHAR2,
x_mac_label     OUT VARCHAR2);
PRAGMA SUPPLEMENTAL_LOG_DATA(restore_default_labels, NONE);
exec dbms_macols_session.label_audit_raise('UWSecPol', 'UWLabel', 'UWProc');
*
ERROR at line 1:
ORA-47907: Database Vault associated OLS policy UWSecPol not fully configured
ORA-06512: at "DVSYS.DBMS_MACUTL", line 34
ORA-06512: at "DVSYS.DBMS_MACUTL", line 389
ORA-06512: at "DVSYS.DBMS_MACOLS_SESSION", line 142
ORA-06512: at line 1
 
SET_ACCESS_PROFILE
MAC OLS processing to merge default session label for a policy with the exist MAX session label after the SA_SESSION set_access_profile method is called dbms_macols_session.set_access_profile(
policy_name         IN  VARCHAR2 ,
user_name           IN  VARCHAR2,
p_max_session_label IN  VARCHAR2,
x_new_session_label OUT VARCHAR2)
RETURN NUMBER;
TBD
 
SET_POLICY_LABEL_CONTEXT
Sets the MAC OLS session context variable for the attribute specified dbms_macols_session.set_policy_label_context(
policy_name IN VARCHAR2,
label       IN VARCHAR2,
attribute   IN VARCHAR2);
PRAGMA SUPPLEMENTAL_LOG_DATA(set_policy_label_context, NONE);
TBD

Related Topics
Built-in Functions
Built-in Packages
DBMS_MACAUD
DBMS_MACOUT
DBMS_MACSEC_FUNCTION
DBMS_MACSEC_ROLES
DBMS_MACSEC_RULES
EVENT
OLS_ENFORCEMENT
OLS$DATAPUMP
What's New In 12cR2
What's New In 18cR3

Morgan's Library Page Footer
This site is maintained by Dan Morgan. Last Updated: This site is protected by copyright and trademark laws under U.S. and International law. © 1998-2017 Daniel A. Morgan All Rights Reserved