DATA CONTROL LANGUAGE (DCL) (GRANT, REVOKE)
Database Security and Previleges
Create 2 users, open the screen simultaneously,
The synatx for creating a user
SQL> Create user user1 identified by user1
SQL> Alter user user1 identified by user13 ;
SQL> Grant Connect, resource to user1 ;
SQL> Create user user2 identified by user2 ;
SQL> Alter user user1 identified by user23 ;
SQL> Grant Connect, resource to user2 ;
The Grant Command
- The Grant command is used to grant access to the database
- A user can grant access to his database object(s) to other user(s)
user1 -
-Granting the select previledge to user2
SQL> GRANT select on emp to user2
user2
User2 is viewing the user1 ‘s emp table
select * from user1.emp ;
user1 -
GRANT update on emp to user2
user2 - update user1.emp set ename='ffff' where empno=7900 ;
REVOKE
Using the REVOKE command, a DBA can revoke database privileges from the user(s)
user1 -
User1 is revoking the select previledge from user2 on emp table
Revoke select on emp from user2
user2 - select * from user1.emp ;
user1 -
revoke update on emp from user2
user2 - update user1.emp set ename='ffff' where empno=7900 ;
revoke select,update on emp from suresh with grant option ;
DBA can give
Grant create table, create session to suresh with admin option;
in suresh
grant create table to user1 ;
Database Security and Previleges
Create 2 users, open the screen simultaneously,
The synatx for creating a user
SQL> Create user user1 identified by user1
SQL> Alter user user1 identified by user13 ;
SQL> Grant Connect, resource to user1 ;
SQL> Create user user2 identified by user2 ;
SQL> Alter user user1 identified by user23 ;
SQL> Grant Connect, resource to user2 ;
The Grant Command
- The Grant command is used to grant access to the database
- A user can grant access to his database object(s) to other user(s)
user1 -
-Granting the select previledge to user2
SQL> GRANT select on emp to user2
user2
User2 is viewing the user1 ‘s emp table
select * from user1.emp ;
user1 -
GRANT update on emp to user2
user2 - update user1.emp set ename='ffff' where empno=7900 ;
REVOKE
Using the REVOKE command, a DBA can revoke database privileges from the user(s)
user1 -
User1 is revoking the select previledge from user2 on emp table
Revoke select on emp from user2
user2 - select * from user1.emp ;
user1 -
revoke update on emp from user2
user2 - update user1.emp set ename='ffff' where empno=7900 ;
revoke select,update on emp from suresh with grant option ;
DBA can give
Grant create table, create session to suresh with admin option;
in suresh
grant create table to user1 ;
