Are you a database security expert?
 

Here is a quick 5-point quiz:

  1. In Microsoft SQL Server, a login named LOGIN_1 is running an application associated with application role ROLE_A in database DB1. Role ROLE_A is explicitly denied SELECT permissions on table DBO.TABLE_C stored in the same database. However, in the same database, user USER_B is mapped to LOGIN_1, and this database user is explicitly granted SELECT permissions for the same table. Can LOGIN_1 read data from table DBO.TABLE_C before it activates the application role? After it activates the application role?
  2. In Sybase ASE, a login named LOGIN_1 is mapped to user USER_B in database DB1 and that user is granted database role ROLE_A. Role ROLE_A is explicitly granted SELECT permissions on table DBO.TABLE_C in the same database. USER_B is explicitly denied SELECT permissions for the same table. Can LOGIN_1 read data from DBO.TABLE_C? Can you answer this question if ROLE_A is defined as a server-level role?
  3. In Oracle, a regular user USER_A is granted 2 standard roles, CONNECT and RESOURCE, and is also granted the SELECT ANY TABLE privilege. Can this user read data from the V$SESSION view using SQL commands executed in SQL*Plus? Can this user read data from the V$SESSION view when referring to it in stored procedure USER_A.SOME_PROC?
  4. In MySQL, a user defined as USER_A@HOST_B is granted only the following 2 permissions: SELECT and UPDATE permissions on table DB1.TABLE_C. Can user USER_A@HOST_B read data from DB1.TABLE_C?
  5. In DB2, an OS user USER_A is a member of OS user group GROUP_B. This user group is granted CONNECT permissions for database DB1 and in that database it is granted CONTROL permissions for table SCHEMA_C.TABLE_C. Can user USER_A read data from this table? Can USER_A drop this table?

If you have answered all of the questions, you are a database security expert.

 
