oracle的一些tips技巧
来源:asp之家 发布时间:2009-03-02 11:06:00
最近群里好多人讨论oracle安全问题,今天找了些资料学习了下
获取Oracle当前会话的一些属性 (对于sql注射的环境判断很有用哦)
SYS_CONTEXT 函数返回是与上下文名称空间相关的属性值。这个函数可以用在SQL和PL/SQL语句中。
注意: SYS_CONTEXT 返回的是用户会话期间的属性,所以,你无法使用它在并行的查询或实时应用集群环境。
对于名称空间和变量, 你可以定义它(们)为常量字符串,也可以定义一个变量,来代替名称空间或属性的字符串。名称空间必须是已经在数据库中定义好的, 并且相关的参数和值已经被指定到DBMS_SESSION中。名称空间必须是一个合法的SQL标识符。变量名字可以是任意的字符串。它们不区分大小写, 但是长度不能超出30个字节。
函数返回的数据类型是VARCHAR2,回归值的缺省最大长度是256个字节。你也可以通过设置函数参数length来修改这个缺省长度值。值的合法的长度范围是1到4000字节。(如果你指定的值不在这个范围内, Oracle将使用缺省长度。)
Oracle9i 提供了一个内置的"USERENV"名称空间, 用来表示当前的会话信息。该名称空间预定义的参数如表1, 表的最后一列标识了返回值的长度。
语法:
SYS_CONTEXT(namespace, attribute[, length])
例子:
select SYS_CONTEXT ('USERENV', 'TERMINAL') TERMINAL,
SYS_CONTEXT ('USERENV', 'LANGUAGE') LANGUAGE,
SYS_CONTEXT ('USERENV', 'SESSIONID') SESSIONID,
SYS_CONTEXT ('USERENV', 'INSTANCE') INSTANCE,
SYS_CONTEXT ('USERENV', 'ENTRYID') ENTRYID,
SYS_CONTEXT ('USERENV', 'ISDBA') ISDBA,
SYS_CONTEXT ('USERENV', 'NLS_TERRITORY') NLS_TERRITORY,
SYS_CONTEXT ('USERENV', 'NLS_CURRENCY') NLS_CURRENCY,
SYS_CONTEXT ('USERENV', 'NLS_CALENDAR') NLS_CALENDAR,
SYS_CONTEXT ('USERENV', 'NLS_DATE_FORMAT') NLS_DATE_FORMAT,
SYS_CONTEXT ('USERENV', 'NLS_DATE_LANGUAGE') NLS_DATE_LANGUAGE,
SYS_CONTEXT ('USERENV', 'NLS_SORT') NLS_SORT,
SYS_CONTEXT ('USERENV', 'CURRENT_USER') CURRENT_USER,
SYS_CONTEXT ('USERENV', 'CURRENT_USERID') CURRENT_USERID,
SYS_CONTEXT ('USERENV', 'SESSION_USER') SESSION_USER,
SYS_CONTEXT ('USERENV', 'SESSION_USERID') SESSION_USERID,
SYS_CONTEXT ('USERENV', 'PROXY_USER') PROXY_USER,
SYS_CONTEXT ('USERENV', 'PROXY_USERID') PROXY_USERID,
SYS_CONTEXT ('USERENV', 'DB_DOMAIN') DB_DOMAIN,
SYS_CONTEXT ('USERENV', 'DB_NAME') DB_NAME,
SYS_CONTEXT ('USERENV', 'HOST') HOST,
SYS_CONTEXT ('USERENV', 'OS_USER') OS_USER,
SYS_CONTEXT ('USERENV', 'EXTERNAL_NAME') EXTERNAL_NAME,
SYS_CONTEXT ('USERENV', 'IP_ADDRESS') IP_ADDRESS,
SYS_CONTEXT ('USERENV', 'NETWORK_PROTOCOL') NETWORK_PROTOCOL,
SYS_CONTEXT ('USERENV', 'BG_JOB_ID') BG_JOB_ID,
SYS_CONTEXT ('USERENV', 'FG_JOB_ID') FG_JOB_ID,
SYS_CONTEXT ('USERENV', 'AUTHENTICATION_TYPE') AUTHENTICATION_TYPE,
SYS_CONTEXT ('USERENV', 'AUTHENTICATION_DATA') AUTHENTICATION_DATA
FROM DUAL;
下面的语句返回登录用户的名字:
CONNECT OE/OE
select SYS_CONTEXT ('USERENV', 'SESSION_USER')
FROM DUAL;
SYS_CONTEXT ('USERENV', 'SESSION_USER')
网上找的
[code]AUTHENTICATION_DATA
Data being used to authenticate the login user. For X.503 certificate authenticated sessions, this field returns the context of the certificate in HEX2 format.
256
Note: You can change the return value of the AUTHENTICATION_DATA attribute using the length parameter of the syntax. Values of up to 4000 are accepted. This is the only attribute of USERENV for which Oracle implements such a change.
AUTHENTICATION_TYPE
How the user was authenticated:
DATABASE: username/password authentication
OS: operating system external user authentication
NETWORK: network protocol or ANO authentication
PROXY: OCI proxy connection authentication
30
BG_JOB_ID
Job ID of the current session if it was established by an Oracle background process. Null if the session was not established by a background process.
30
CLIENT_INFO
Returns up to 64 bytes of user session information that can be stored by an application using the DBMS_APPLICATION_INFO package.
64
CURRENT_SCHEMA
Name of the default schema being used in the current schema. This value can be changed during the session with an alter SESSION SET CURRENT_SCHEMA statement.
30
CURRENT_SCHEMAID
Identifier of the default schema being used in the current session.
30
CURRENT_USER
The name of the user whose privilege the current session is under.
30
CURRENT_USERID
User ID of the user whose privilege the current session is under
30
DB_DOMAIN
Domain of the database as specified in the DB_DOMAIN initialization parameter.
256
DB_NAME
Name of the database as specified in the DB_NAME initialization parameter
30
ENTRYID
The available auditing entry identifier. You cannot use this option in distributed SQL statements. To use this keyword in USERENV, the initialization parameter AUDIT_TRAIL must be set to true.
30
EXTERNAL_NAME
External name of the database user. For SSL authenticated sessions using v.503 certificates, this field returns the distinguished name (DN) stored in the user certificate.
256
FG_JOB_ID
Job ID of the current session if it was established by a client foreground process. Null if the session was not established by a foreground process.
30
HOST
Name of the host machine from which the client has connected.
54
INSTANCE
The instance identification number of the current instance.
30
IP_ADDRESS
IP address of the machine from which the client is connected.
30
ISDBA
TRUE if you currently have the DBA role enabled and FALSE if you do not.
30
LANG
The ISO abbreviation for the language name, a shorter form than the existing 'LANGUAGE' parameter.
62
LANGUAGE
The language and territory currently used by your session, along with the database character set, in this form:
language_territory.characterset
52
NETWORK_PROTOCOL
Network protocol being used for communication, as specified in the 'PROTOCOL=protocol' portion of the connect string.
256
NLS_CALENDAR
The current calendar of the current session.
62
NLS_CURRENCY
The currency of the current session.
62
NLS_DATE_FORMAT
The date format for the session.
62
NLS_DATE_LANGUAGE
The language used for expressing dates.
62
NLS_SORT
BINARY or the linguistic sort basis.
62
NLS_TERRITORY
The territory of the current session.
62
OS_USER
Operating system username of the client process that initiated the database session
30
PROXY_USER
Name of the database user who opened the current session on behalf of SESSION_USER.
30
PROXY_USERID
Identifier of the database user who opened the current session on behalf of SESSION_USER.
30
SESSION_USER
Database user name by which the current user is authenticated. This value remains the same throughout the duration of the session.
30
SESSION_USERID
Identifier of the database user name by which the current user is authenticated.
30
SESSIONID
The auditing session identifier. You cannot use this option in distributed SQL statements.
30
TERMINAL
The operating system identifier for the client of the current session. In distributed SQL statements, this option returns the identifier for your local session. In a distributed environment, this is supported only for remote select statements, not for remote insert, update, or delete operations. (The return length of this parameter may vary by operating system.)
0
投稿猜你喜欢
近期,阿里云云安全中心基于全新的深度威胁检测功能,监测到云上部分用户的 SQL Server 数据库内部隐藏着一种新型的持久化后门程序。攻击- 可是,其体积仍然很庞大。所以,在日常工作中,如何给SQL Server的备份文件瘦身,就是很多数据库管理员所关心的问题了。 也许微软的数据库
- 即text-overflow:ellipsis,需要配合white-space:nowrap使用。运行代码:<div style=&q
- 在我们有时需要迁移或部署项目时,需要知道项目所依赖的三方包和版本,下面就来一看一看该如何获取吧:1、首先安装pipreqs库使用pip命令,
- 前言现在Python3 被越来越多的开发者所接受,同时让人尴尬的是很多遗留的老系统依旧运行在 Python2 的环境中,因此有时你不得不同时
- 引言要说在工作中最让人头疼的就是用同样的方式处理一堆文件夹中文件,这并不难,但就是繁。所以在遇到机械式的操作时一定要记得使用Python来合
- 前言模块在其自身的作用域里执行,而不是在全局作用域里;这意味着定义在一个模块里的变量,函数,类等等在模块外部是不可见的,除非你明确地使用ex
- 1、遍历 json 对象的属性//定义json对象 var person= { name: 'zhangsan', pass
- 前言ansible是新出现的自动化运维工具,基于Python开发,集合了众多运维工具(puppet、cfengine、chef、func、f
- 本文记录了mysql 8.0.15 安装配置的方法,供大家参考,具体内容如下安装包下载链接: MySQL官网下载地址点第一个Download
- 一个非常实用的小方法试想一下,Django中如果我们想对保存进数据库的数据做校验,有哪些实现的方法?我们可以在view中去处理,每当view
- python可以在处理各种数据时,如果可以将这些数据,利用图表将其可视化,这样在分析处理起来,将更加直观、清晰,以下是 利用 PyEchar
- 本文实例讲述了python计算圆周率pi的方法。分享给大家供大家参考。具体如下:from sys import stdout scale =
- 在认证框架中还有其他的一些功能。 我们会在接下来的几个部分中进一步地了解它们。权限权限可以很方便地标识用户和用户组可以执行的操作。 它们被D
- css加载器在webpack中,所有的资源(js文件、css文件、模板文件,图片文件等等)都被看成是一个模块,因此多有的资源都是可以被加载的
- 题目输入一个正整数数组,把数组里面的所有属猪拼接起来成为一个数打印能拼接起来的所有数字中最大/最小的那个。思考直观想法就是求出这个数组中所有
- 在使用爬虫爬取网络数据时,如果长时间对一个网站进行抓取时可能会遇到IP被封的情况,这种情况可以使用代理更换ip来突破服务器封IP的限制。随手
- 斜角导航条看上去立体感比较强,但实现起来比较麻烦;这是前几天写的一个测试代码,实现时,本来想用简单的图片加负数来实现;但GIF图片对半透明的
- 随机数和蒙特卡洛模拟求解单一变量非线性方程求解线性系统方程函数的数学积分常微分方程的数值解等势线绘图和曲线:等势线 import
- 前言:我们在日常生活中,都离不开时间和日期。不仅我们的汉字都有大量描述时间日期的词语如斗转星移、分秒必争、只针朝夕、转眼之间等。同样,在我们
