General Information
Library Note
Morgan's Library Page Header
Which has the higher priority in your organization: Deploying a new database or securing the ones you already have?
Looking for a website, and resources, dedicated solely to securing Oracle databases? Check out DBSecWorx .
Purpose
Real Application Security Internal Utilities
AUTHID
DEFINER
Dependencies
DBMS_STANDARD
XS$ACE_LIST
XS$OBJ
DBMS_SYS_ERROR
XS$ACE_PRIV
XS$POLICY_PARAM
DUAL
XS$ACE_TYPE
XS$PRIN
PLITBLM
XS$ACL
XS_ACL
USER$ XS$ACL_PARAM
XS_ADMIN_INT
X$KSPPCV
XS$INSTSET_ACL
XS_ADMIN_UTIL
X$KSPPI
XS$NAME_LIST
XS_MTCACHE_INT
XS$ACE
XS$NSTMPL
Documented
No
First Available
Not known
Security Model
Owned by SYS with no privileges granted
Source
{ORACLE_HOME}/rdbms/admin/prvtacl.plb
Subprograms
ADD_ACL_PARAMETER
Add a numeric parameter value
xs_acl_int.add_acl_parameter(acl IN VARCHAR2
TBD
Add a string parameter value
xs_acl_int.add_acl_parameter(acl IN VARCHAR2
exec xs_acl_int.add_acl_parameter ('DBSECWORXACL','XPOLICY','GEO', 'EMEA');
APPEND_ACES
Append one ACE to the ACL
xs_acl_int.append_aces(
DECLARExs_acl.ptype_db );xs_acl_int.append_aces ('DBSECWORXACL', atype);
Overload 2
xs_acl_int.append_aces(
TBD
CREATE_ACL
Create an Access Control List
xs_acl_int.create_acl(
col acl format a45xs_acl_int.create_acl ('DBSECWORXACL', alist, 'SECPRIVS', description=>'Data Access');ACL OWNER PRIVILEGE SECURITY_CLASS
DELETE_ACL
Drop an Access Control list
xs_acl_int.delete_acl(
exec xs_acl_int.delete_acl ('DBSECWORXACL');
GRANT_PRIVILEGE
Undocumented
xs_acl_int.grant_privilege(
TBD
REMOVE_ACES
Not sure if this removes an ACE or an ACL. Name and parameter do not agree
xs_acl_int.remove_aces(acl IN VARCHAR2);
exec xs_acl_int.remove_aces ('DBSECWORXACL');
REMOVE_ACL_PARAMETERS
Undocumented
xs_acl_int.remove_acl_parameters(acl IN VARCHAR2);
exec xs_acl_int.remove_acl_parameters ('DBSECWORXACL');
Overload 2
xs_acl_int.remove_acl_parameters(
exec xs_acl_int.remove_acl_parameters ('DBSECWORXACL', 'XPOLICY', 'GEO');
Overload 3
xs_acl_int.remove_acl_parameters(
exec xs_acl_int.remove_acl_parameters ('DBSECWORXACL', 'XPOLICY', 'GEO');
REVOKE_PRIVILEGE
Undocumented
xs_acl_int.revoke_privilege(
TBD
SET_DESCRIPTION
Sets or updates the description of an ACL in the data dictionary
xs_acl_int.set_description(
exec xs_acl_int.set_description ('DBSECWORXACL', 'DBSecWorx Secure ACL');
SET_PARENT_ACL
Sets the parent ACL
xs_acl_int.set_parent_acl(
exec xs_acl_int.set_parent_acl ('DSECWORX','SYSTEMACL', xs_acl_int.extended);
SET_SECURITY_CLASS
Sets the security class
xs_acl_int.set_security_class(
col acl format a45ACL OWNER PRIVILEGE SECURITY_CLASS xs_acl_int.set_security_class ('DBSECWORXACL', 'SYSTEM');ACL OWNER PRIVILEGE SECURITY_CLASS
