SQL*Plus: Release 11.1.0.7.0 - Production on Sat Apr 2 13:33:24 2011
Copyright (c) 1982, 2008, Oracle. All rights reserved.
Connected to:
Oracle Database 11g Express Edition Release 11.2.0.2.0 - Beta
SQL> desc dba_users
Name Null? Type
—————————————– ——– —————————-
USERNAME NOT NULL VARCHAR2(30)
USER_ID NOT NULL NUMBER
PASSWORD VARCHAR2(30)
ACCOUNT_STATUS NOT NULL VARCHAR2(32)
LOCK_DATE DATE
EXPIRY_DATE DATE
DEFAULT_TABLESPACE NOT NULL VARCHAR2(30)
TEMPORARY_TABLESPACE NOT NULL VARCHAR2(30)
CREATED NOT NULL DATE
PROFILE NOT NULL VARCHAR2(30)
INITIAL_RSRC_CONSUMER_GROUP VARCHAR2(30)
EXTERNAL_NAME VARCHAR2(4000)
PASSWORD_VERSIONS VARCHAR2(8)
EDITIONS_ENABLED VARCHAR2(1)
AUTHENTICATION_TYPE VARCHAR2(8)
SQL> select * from user_role_privs;
USERNAME GRANTED_ROLE ADM DEF OS_
—————————— —————————— — — —
APEX_040000 CONNECT NO YES NO
APEX_040000 RESOURCE YES YES NO
SQL> select * from user_sys_privs;
USERNAME PRIVILEGE ADM
—————————— —————————————- —
APEX_040000 CREATE TRIGGER YES
APEX_040000 CREATE SYNONYM YES
APEX_040000 UNLIMITED TABLESPACE YES
APEX_040000 ALTER SESSION NO
APEX_040000 CREATE JOB YES
APEX_040000 CREATE DIMENSION YES
APEX_040000 CREATE SEQUENCE YES
APEX_040000 CREATE TABLE YES
APEX_040000 ALTER USER NO
APEX_040000 CREATE USER NO
APEX_040000 CREATE SESSION YES
APEX_040000 CREATE OPERATOR YES
APEX_040000 ALTER DATABASE NO
APEX_040000 DROP USER NO
APEX_040000 CREATE INDEXTYPE YES
APEX_040000 CREATE MATERIALIZED VIEW YES
APEX_040000 CREATE VIEW YES
APEX_040000 CREATE CLUSTER YES
APEX_040000 CREATE ANY CONTEXT YES
APEX_040000 CREATE PROCEDURE YES
APEX_040000 DROP PUBLIC SYNONYM NO
APEX_040000 DROP TABLESPACE NO
APEX_040000 CREATE TABLESPACE NO
APEX_040000 CREATE TYPE YES
APEX_040000 CREATE ROLE NO
APEX_040000 CREATE PUBLIC SYNONYM NO
26 rows selected.
SQL>
危害:這個APEX使用者,可以修改資料庫中任何使用者密碼。
修複:安裝資料庫後,修改APEX使用者預設密碼
本文轉自enables 51CTO部落格,原文連結:http://blog.51cto.com/niuzu/578803,如需轉載請自行聯系原作者
![【MySQL資料庫】資料庫索引事務1.索引2.事務[圖]](data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACwAAAAAAQABAAACAkQBADs=)