OCPÈÏÖ¤¿¼ÊÔÖ¸ÄÏ£¨11£©£º±£»¤OracleÊý¾Ý¿âµÄ°²È«£¨1£©

1¡¢µ÷ÕûĬÈϵݲȫÉèÖÃ
1.1¡¢Ä¬ÈϵÄÓû§
²é¿´Êý¾Ý¿âµÄÓû§ºÍ״̬£¬¿ÉÒÔ²éѯDBA_USERSÊÓͼ¡£
?[Copy to clipboard]View Code SQL
SQL> select username,account_status from dba_users;
1.2¡¢PUBLICȨÏÞ
OracleÖдæÔÚÒ»¸öÃûΪPUBLICµÄαÓû§¡£Ö»ÒªÓÃPUBLICÊÚÓèij¸öȨÏÞ£¬ÄÇôËùÓÐÓû§¶¼»á±»ÊÚÓèÕâ¸öȨÏÞ¡£
?[Copy to clipboard]View Code SQL
SQL> select count(*) from dba_tab_privs where grantee = 'PUBLIC';
 
COUNT(*)
----------
1991
 
SQL> select table_name from dba_tab_privs where grantee = 'PUBLIC'
2 and privilege = 'EXECUTE' and table_name like 'UTL%';
 
TABLE_NAME
------------------------------
UTL_RAW
UTL_TCP
UTL_INADDR
UTL_SMTP
UTL_HTTP
UTL_URL
UTL_ENCODE
UTL_GDK
UTL_COMPRESS
UTL_I18N
UTL_LMS
 
TABLE_NAME
------------------------------
UTL_NLA_ARRAY_DBL
UTL_NLA_ARRAY_FLT
UTL_NLA_ARRAY_INT
UTL_NLA
UTL_REF
UTL_COLL
UTL_MATCH
UTL_FILE
 
19 rows selected.
Õë¶ÔÉÏÃæÁгöµÄ£¬ÎÒÃÇÀ´¿´ÏÂijЩʹÓÃÆðÀ´±È½ÏΣÏյijÌÐò°ü£º
UTL_FILE£ºÕâ¸ö³ÌÐò°üÔÊÐíÓû§¶Áд²Ù×÷ϵͳÓû§¿É·ÃÎʵġ¢ÔËÐÐOracle½ø³ÌµÄÈÎÎñÎļþºÍĿ¼£¬ÕâЩÎļþÓëĿ¼°üÀ¨ËùÓеÄÊý¾Ý¿âÎļþÒÔ¼°ORACLE_HOMEĿ¼¡£
UTL_TCP£ºÕâ¸ö³ÌÐò°üÔÊÐíÓû§ÎªÁËÁ¬½ÓÍøÂçÖÐËùÓпɷÃÎʵĵØÖ·¶ø´ò¿ª·þÎñ»úÆ÷ÉϵÄTCP¶Ë¿Ú¡£
UTL_SMTP£ºÊ¹ÓÃUTL_TCPµ÷ÓñàдµÄÕâ¸ö³ÌÐò°üÔÊÐíÓû§·¢ËÍÓʼþÏûÏ¢¡£UTL_SMTP³ÌÐò°üÊÜUTL_SMTP_SERVERʵÀý²ÎÊýÏÞÖÆ£¬¸Ã²ÎÊý¸ø³öÁËÊä³öÓʼþ·þÎñÆ÷µÄµØÖ·¡£
UTL_HTTP£ºÕâ¸ö³ÌÐò°üͬÑùʹÓÃUTL_TCPµ÷ÓýøÐбàд£¬²¢ÇÒÔÊÐí·¢ËÍHTTPÏûÏ¢ºÍ½ÓÊÕÏìÓ¦£¬½á¹ûÊǽ«Êý¾Ý¿âת»»ÎªWebä¯ÀÀÆ÷¡£
¼Çס£ºÄ¬ÈÏÇé¿öÏ£¬µÇÈëÊý¾Ý¿âµÄÈκÎÓû§¶¼ÄÜʹÓÃÉÏÊö³ÌÐò°ü¡£
ËäȻӦÓÃÈí¼þ¿ÉÒÔΪPUBLICÓû§ÊÚÓèÖ´ÐÐUTL³ÌÐò°üµÄȨÏÞ£¬µ«ÎÒÃÇÓ¦µ±È¡ÏûPUBLICÓû§µÄÕâ¸öȨÏÞ¡£
?[Copy to clipboard]View Code SQL
SQL> revoke execute on utl_file from public;
 
Revoke succeeded.
2¡¢¶Ô°²È«ÐÔÖÁ¹ØÖØÒªµÄʵÀý²ÎÊý
ÌáÐÑ£ºÕâÀï˵µÄ²ÎÊý¶¼ÊǾ²Ì¬µÄ£¬±»Ð޸ĺó±ØÐëÖØÆôʵÀý²Å»áÓÐЧ¡£
2.1¡¢UTL_FILE_DIRʵÀý²ÎÊý
UTL_FILE_DIRʵÀý²ÎÊýĬÈÏΪNULL£¬Òò´Ë²»ÊÇÒ»¸ö°²È«ÐÔÎÊÌâ¡£µ«ÔÚÉèÖÃÕâ¸ö²ÎÊýʱ£¬ÒªÌرðСÐÄ¡£UTL_FILE_DIR²ÎÊýÔÊÐíPL/SQLͨ¹ýUTL_FILE²¹³ä³ÌÐò