-
Title
Do we required execute previlege on tables -UTL_TCP, UTL_SMTP, UTL_INADDR, UTL_HTTP, UTL_FILE -
Description
Below are the privileges which needs to be revoked in QSRTPRG from PUBLIC. Please check with your team if these privileges are required to perform any application work. If not then you can raise CMP to GIDA team to revoke these privileges.
GRANTEE TABLE_NAME PRIVILEGE -------------------- ------------------------------ ----------------
PUBLIC UTL_TCP EXECUTE
PUBLIC UTL_SMTP EXECUTE
PUBLIC UTL_INADDR EXECUTE
PUBLIC UTL_HTTP EXECUTE
PUBLIC UTL_FILE EXECUTE
Eg:-
Revoke execute on SYS.UTL_TCP from PUBLIC;
Revoke execute on SYS.UTL_SMTP from PUBLIC;
Revoke execute on SYS.UTL_INADDR from PUBLIC;
Revoke execute on SYS.UTL_HTTP from PUBLIC;
Revoke execute on SYS.UTL_FILE from PUBLIC;
-
Resolution
RESOLUTION:
All these table names are own by schema SYS
Also, the overview of these tables:
The UTL_TCP package provides TCP/IP client-side access functionality in PL/SQL.
The UTL_SMTP package is designed for sending electronic mails (emails) over Simple Mail Transfer Protocol (SMTP) as specified by RFC821
The UTL_INADDR package provides a PL/SQL procedures to support internet addressing. It provides an API to retrieve host names and IP addresses of local and remote hosts.
The UTL_HTTP package makes Hypertext Transfer Protocol (HTTP) callouts from SQL and PL/SQL. You can use it to access data on the Internet over HTTP.
The UTL_FILE package, PL/SQL programs can read and write operating system text files. UTL_FILE provides a restricted version of operating system stream file I/O.
You may want to check with Oracle about these tables since they are not own by STAT schema?