Oracle 视图 DBA_UNUSED_PRIVS 官方解释，作用，如何使用详细说明

本站中文解释

Oracle视图DBA_UNUSED_PRIVS提供了在数据库中，用户拥有但仍未使用的系统权限的信息。

该视图是用来检测与数据库安全相关的不正当活动。它显示出来允许用户拥有但没有使用的指定系统权限。它可以帮助DBA防止在数据库中的未经授权的行为以及用户滥用授权的情况。

使用这个视图来检查系统权限。DBA可以使用下面的sql查询检查未使用的权限：

1.检查拥有但没有使用的所有权限

SELECT * FROM DBA_UNUSED_PRIVS;

2.查看特定用户拥有但未使用的权限

SELECT * FROM DBA_UNUSED_PRIVS WHERE GRANTEE = ‘username’

3.查看特定系统权限没有被使用

SELECT * FROM DBA_UNUSED_PRIVS WHERE PRIVILEGE LIKE ‘%privname%’

官方英文解释

DBA_UNUSED_PRIVS lists the privileges that are not used for the privilege analysis policies reported by the DBMS_PRIVILEGE_CAPTURE.GENERATE_RESULT procedure.

This view provides access to analyzed privilege records in SYS tables.

You must have the CAPTURE_ADMIN role to access this view.

Column	Datatype	NULL	Description
`CAPTURE`	`VARCHAR2(128)`	`NOT NULL`	Name of the privilege analysis policy
`USERNAME`	`VARCHAR2(128)`		Name of the user whose unused privileges are reported
`ROLENAME`	`VARCHAR2(128)`		Name of the role whose unused privileges are reported (for `ROLE` type privilege analysis or `ROLE AND CONTEXT` privilege analysis)
`SYS_PRIV`	`VARCHAR2(40)`		Unused system privilege
`OBJ_PRIV`	`VARCHAR2(40)`		Unused object privilege
`USER_PRIV`	`VARCHAR2(25)`		Unused user privilege
`OBJECT_OWNER`	`VARCHAR2(128)`		Object owner
`OBJECT_NAME`	`VARCHAR2(128)`		Name of the object that `USERNAME` has `OBJ_PRIV` or `USER_PRIV` on
`OBJECT_TYPE`	`VARCHAR2(23)`		Type of the object that `OBJ_PRIV` has accessed or `USER` if `USER_PRIV` was used
`COLUMN_NAME`	`VARCHAR2(128)`		Name of the column that `OBJ_PRIV` has access on
`OPTION$`	`NUMBER`		Indicates whether the privilege is granted with the `GRANT` option or the `ADMIN` option: `0` – Indicates that the privilege is granted without the `GRANT` option or `ADMIN` option `1` – Indicates that the privilege is granted with the `GRANT` option or `ADMIN` option
`PATH`	`GRANT_PATH`		Privilege grant paths
`RUN_NAME`	`VARCHAR2(128)`		The name of the run during which the privilege was reported