Oracle 参数 SQL92_SECURITY 官方解释,作用,如何配置最优化建议
本站中文解释
SQL92_SECURITY参数是用于控制语句的安全性的参数。当设置为TRUE时,Oracle将只允许拥有SELECT和ASSERT对象权限的用户存取可以检索出数据的SELECT语句。当设置为FALSE时,Oracle并不执行任何查询时的访问控制检查,允许客户端应用程序使用任何SELECT语句。
正确设置SQL92_SECURITY参数时,建议将该参数设置为TRUE。因为这样有助于加强系统的安全性,从而避免发生一些未受控制的数据访问行为。
官方英文解释
SQL92_SECURITY specifies whether users must have been granted the SELECT privilege on a table to execute an UPDATE or DELETE statement that references table column values in a WHERE or SET clause.
| Property | Description |
|---|---|
|
Parameter type |
Boolean |
|
Default value |
|
|
Modifiable |
No |
|
Modifiable in a PDB |
Yes |
|
Range of values |
|
|
Basic |
No |
The SQL standard specifies that security administrators should be able to require that users have SELECT privilege on a table when executing an UPDATE or DELETE statement that references table column values in a WHERE or SET clause.
Values
-
trueThe user must have
SELECTprivilege on a column to reference it in theWHEREclause of aDELETEorUPDATEstatement, on the right hand side of an assignment in theSETclause of anUPDATEstatement. -
falseA user with
DELETEprivilege on the target table of aDELETEstatement may reference any column of that target table in theWHEREclause. A user withUPDATEprivilege on the target table of anUPDATEstatement may reference any column of that target in theWHEREclause or on the right hand side of any assignment in theSETclause of theUPDATEstatement.
