- 最后登录
- 2019-6-19
- 在线时间
- 18 小时
- 威望
- 0
- 金钱
- 354
- 注册时间
- 2016-10-13
- 阅读权限
- 10
- 帖子
- 232
- 精华
- 1
- 积分
- 0
- UID
- 2488
|
24#
发表于 2016-10-18 09:59:58
24:
The HR user creates a stand-alone procedure as follows and grants the EXECUTE privilege on the procedure to many database users:
CREATE OR REPLACE PROCEDURE create_dept ( v_deptno NUMBER, v_dname VARCHAR2, v_mgr NUMBER, v_loc NUMBER)
BEGIN
INSERT INTO hr.departments VALUES (v_deptno, v_dname, v_mgr, v_loc);
END;
The users having permission to execute the procedure are able to insert records into the DEPARTMENTS table even though they do not have the INSERT privilege on the table. You want only those users who have privileges on the DEPARTMENTS table to be able to execute the procedure successfully. What would you suggest to the PL/SQL developers to achieve this?
A. Create the procedure with definer's right.
B. Create the procedure with invoker's right.
C. Grant the EXECUTE privilege with GRANT OPTION on the procedure to selected users.
D. Create the procedure as part of a PL/SQL package and grant the EXECUTE privilege on the package to selected users.
24:
HR用户创建一个标准存储过程并授予EXECUTE权限给数据库用户:
CREATE OR REPLACE PROCEDURE create_dept ( v_deptno NUMBER, v_dname VARCHAR2, v_mgr NUMBER, v_loc NUMBER)
BEGIN
INSERT INTO hr.departments VALUES (v_deptno, v_dname, v_mgr, v_loc);
END;
用户拥有权限执行过程也能够插入记录到DEPARTMENTS表,即使它没有INSERT表的权限。你想拥有DEPARTMENTS表权限的用户能成功执行过程。你建议PL/SQL开发人员如何实现?
A. 创建过程使用definer身份
B. 创建过程使用invoker身份
C. 使用GRANT OPTION授予EXECUTE权限给选择的用户
D. 创建过程作为包的一部分并且授予package EXECUTE权限给选择的用户
答案:B
A: 错误,应创建调用者权限,而不是定义者权限
B: 正确
C: 错误,默认是以定义者权限创建存储过程,那么有execute权限就可以向部门表insert数据 不能实现需求grant option权限是指可以把存储过程权限授权给其它人
D: 错误,存储过程可单独创建,不需要放到包里,这样也不能实现题里的需求
|
|