Oracle | SA_USER_ADMIN_INT

Oracle SA_USER_ADMIN_INT Version 21c

General Information

Library Note

Morgan's Library Page Header

Which has the higher priority in your organization: Deploying a new database or securing the ones you already have? Looking for a website, and resources, dedicated solely to securing Oracle databases? Check out DBSecWorx.

Purpose Internal utilities supporting Label Security core functions

AUTHID CURRENT_USER

Dependencies

DUAL	OLS$COMPARTMENTS	OLS$USER
LBAC$SA_LABELS	OLS$GROUPS	OLS$USER_COMPARTMENTS
LBAC$USER_LIBT	OLS$LAB	OLS$USER_GROUPS
LBAC_CACHE	OLS$LEVELS	PLITBLM
LBAC_LGSTNDBY_UTIL	OLS$POL	SA_USER_ADMIN
LBAC_SERVICES	OLS$PROFILE	SA_UTL
LBAC_STANDARD	OLS$PROG	_BASE_USER
OBJ$	OLS$SESSION_LIBT

Documented No

First Available 20c

Security Model Owned by LBACSYS with no privileges granted

Direct access to this package is prevented by means of an Accessible By clause.

Source {ORACLE_HOME}/rdbms/admin/prvtolsdd.plb

Subprograms

ADD_COMPARTMENTS	DROP_COMPARTMENTS	SET_LEVELS
ADD_GROUPS	DROP_GROUPS	SET_PROG_PRIVS
ALTER_COMPARTMENTS	DROP_USER_ACCESS	SET_ROW_LABEL
ALTER_GROUPS	SET_COMPARTMENTS	SET_USER_LABELS
DROP_ALL_COMPARTMENTS	SET_DEFAULT_LABEL	SET_USER_PRIVS
DROP_ALL_GROUPS	SET_GROUPS

ADD_COMPARTMENTS (new 20c)

Undocumented sa_user_admin_int.add_compartments( policy_name IN VARCHAR2, user_name IN VARCHAR2, comps IN VARCHAR2, access_mode IN VARCHAR2, in_def IN VARCHAR2, in_row IN VARCHAR2, invoker_usr IN VARCHAR2);

All objects are protected by an ACCESSIBLE BY clause

ADD_GROUPS (new 20c)

Undocumented sa_user_admin_int.add_groups( policy_name IN VARCHAR2, user_name IN VARCHAR2, groups IN VARCHAR2, access_mode IN VARCHAR2, in_def IN VARCHAR2, in_row IN VARCHAR2, invoker_usr IN VARCHAR2);

All objects are protected by an ACCESSIBLE BY clause

ALTER_COMPARTMENTS (new 20c)

Undocumented sa_user_admin_int.alter_compartments( policy_name IN VARCHAR2, user_name IN VARCHAR2, comps IN VARCHAR2, access_mode IN VARCHAR2, in_def IN VARCHAR2, in_row IN VARCHAR2, invoker_usr IN VARCHAR2);

All objects are protected by an ACCESSIBLE BY clause

ALTER_GROUPS (new 20c)

Undocumented sa_user_admin_int.alter_groups( policy_name IN VARCHAR2, user_name IN VARCHAR2, groups IN VARCHAR2, access_mode IN VARCHAR2, in_def IN VARCHAR2, in_row IN VARCHAR2, invoker_usr IN VARCHAR2);

All objects are protected by an ACCESSIBLE BY clause

DROP_ALL_COMPARTMENTS (new 20c)

Undocumented sa_user_admin_int.drop_all_compartments( policy_name IN VARCHAR2, user_name IN VARCHAR2, invoker_usr IN VARCHAR2);

All objects are protected by an ACCESSIBLE BY clause

DROP_ALL_GROUPS (new 20c)

Undocumented sa_user_admin_int.drop_all_groups( policy_name IN VARCHAR2, user_name IN VARCHAR2, invoker_usr IN VARCHAR2);

exec lbacsys.sa_user_admin_int.drop_all_groups('X', 'Y', USER);

      BEGIN lbacsys.sa_user_admin_int.drop_all_groups('X', 
      'Y', USER); END;

      *

      ERROR at line 1:

      ORA-06550: line 1, column 7:

      PLS-00904: insufficient privilege to access object SA_USER_ADMIN_INT

      ORA-06550: line 1, column 7:

      PL/SQL: Statement ignored

DROP_COMPARTMENTS (new 20c)

Undocumented sa_user_admin_int.drop_compartments( policy_name IN VARCHAR2, user_name IN VARCHAR2, comps IN VARCHAR2, invoker_usr IN VARCHAR2);

All objects are protected by an ACCESSIBLE BY clause

DROP_GROUPS (new 20c)

Undocumented sa_user_admin_int.drop_groups( policy_name IN VARCHAR2, user_name IN VARCHAR2, groups IN VARCHAR2, invoker_usr IN VARCHAR2);

All objects are protected by an ACCESSIBLE BY clause

DROP_USER_ACCESS (new 20c)

Undocumented sa_user_admin_int.drop_user_access( policy_name IN VARCHAR2, user_name IN VARCHAR2, invoker_usr IN VARCHAR2);

All objects are protected by an ACCESSIBLE BY clause

SET_COMPARTMENTS (new 20c)

Undocumented sa_user_admin_int.set_compartments( policy_name IN VARCHAR2, user_name IN VARCHAR2, read_comps IN VARCHAR2, write_comps IN VARCHAR2, def_comps IN VARCHAR2, row_comps IN VARCHAR2, invoker_usr IN VARCHAR2);

All objects are protected by an ACCESSIBLE BY clause

SET_DEFAULT_LABEL (new 20c)

Undocumented sa_user_admin_int.set_default_label( policy_name IN VARCHAR2, user_name IN VARCHAR2, def_label IN VARCHAR2, invoker_usr IN VARCHAR2);

All objects are protected by an ACCESSIBLE BY clause

SET_GROUPS (new 20c)

Undocumented sa_user_admin_int.set_groups( policy_name IN VARCHAR2, user_name IN VARCHAR2, read_groups IN VARCHAR2, write_groups IN VARCHAR2, def_groups IN VARCHAR2, row_groups IN VARCHAR2, invoker_usr IN VARCHAR2);

All objects are protected by an ACCESSIBLE BY clause

SET_LEVELS (new 20c)

Undocumented sa_user_admin_int.set_levels( policy_name IN VARCHAR2, user_name IN VARCHAR2, max_level IN VARCHAR2, min_level IN VARCHAR2, def_level IN VARCHAR2, row_level IN VARCHAR2, invoker_usr IN VARCHAR2);

All objects are protected by an ACCESSIBLE BY clause

SET_PROG_PRIVS (new 20c)

Undocumented sa_user_admin_int.set_prog_privs( policy_name IN VARCHAR2, schema_name IN VARCHAR2, program_unit_name IN VARCHAR2, privileges IN VARCHAR2, invoker_usr IN VARCHAR2);

All objects are protected by an ACCESSIBLE BY clause

SET_ROW_LABEL (new 20c)

Undocumented sa_user_admin_int.set_row_label( policy_name IN VARCHAR2, user_name IN VARCHAR2, row_label IN VARCHAR2, invoker_usr IN VARCHAR2);

All objects are protected by an ACCESSIBLE BY clause

SET_USER_LABELS (new 20c)

Undocumented sa_user_admin_int.set_user_labels( policy_name IN VARCHAR2, user_name IN VARCHAR2, max_read_label IN VARCHAR2, max_write_label IN VARCHAR2, min_write_label IN VARCHAR2, def_label IN VARCHAR2, row_label IN VARCHAR2, invoker_usr IN VARCHAR2);

All objects are protected by an ACCESSIBLE BY clause

SET_USER_PRIVS (new 20c)

Undocumented sa_user_admin_int.set_user_privs( policy_name IN VARCHAR2, user_name IN VARCHAR2, privileges IN VARCHAR2, invoker_usr IN VARCHAR2);

All objects are protected by an ACCESSIBLE BY clause

Morgan's Library Page Footer

This site is maintained by Dan Morgan. Last Updated:

This site is protected by copyright and trademark laws under U.S. and International law. © 1998-2021 Daniel A. Morgan All Rights Reserved