Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

What's the difference between the Oracle SYS and SYSTEM accounts?

Tags:

oracle

administration

database-administration

What are the differences between the Oracle SYS and SYSTEM built in accounts?

Edit: Apart from 3 letters!

like image 940
Hooloovoo Avatar asked May 27 '09 13:05

Hooloovoo

People also ask

What is Oracle system account?

The SYS user is granted the SYSDBA privilege, which enables a user to perform high-level administrative tasks such as backup and recovery. SYSTEM. This account can perform all administrative functions except the following: Backup and recovery. Database upgrade.

What is SYS system?

sys is a filename extension used in MS-DOS applications and Microsoft Windows operating systems. They are system files that contain device drivers or hardware configurations for the system. Most DOS . sys files are real mode device drivers. Certain files using this extension are not, however: MSDOS.

What is the difference between SYS and Sysdba?

SYS can connect AS SYSDBA , SYSTEM cannot. SYSDBA privilege is required to perform certain administrative tasks, like CREATE DATABASE and DROP DATABASE , and query any tables despite GRANT 'ed permissions on them. In fact, whenever you connect as SYSDBA , you become a SYS .

Can the Oracle SYS account be locked?

SYS is different though. You can't lock it, even if you can, you can't. You can disable remote SYS logins by setting remote_login_passwordfile to none , so only local logins are allowed.

2 Answers

SYS can connect AS SYSDBA, SYSTEM cannot.

SYSDBA privilege is required to perform certain administrative tasks, like CREATE DATABASEand DROP DATABASE, and query any tables despite GRANT'ed permissions on them.

In fact, whenever you connect as SYSDBA, you become a SYS.

like image 30
Quassnoi Avatar answered Oct 12 '22 22:10

Quassnoi

SYS owns the oracle data dictionary. Every object in the database (tables, views, packages, procedures, etc. ) all have a single owner. For the database dictionary, and a whole lot of special tables (performance views and the like) are all owned by the SYS user.

The SYSTEM user is supposed to be the master DBA user, with access to all of these object. This reflects an early, and long time, Oracle security design philosophy. You build the application using one user, then create a second with access (select, update, delete) but not drop privileges. This gives you a "super-user" access to your schema without being able to destroy it accidentally. Over the years, thing have been added to the SYSTEM account that may have needed to be in the SYS account. But very few people want to give out access to their SYS account if they don't have to.

like image 57
Thomas Jones-Low Avatar answered Oct 12 '22 21:10

Thomas Jones-Low
Sign in to Comment

Related questions

Hibernate Criteria for Dates
Oracle (ORA-02270) : no matching unique or primary key for this column-list error
How to get list of all the procedure inside a package oracle
Where does Oracle ADF 11g stands among Java EE Frameworks?
How to use existing Oracle sequence to generate id in hibernate?
Oracle: How to count null and non-null rows
select from one table, insert into another table oracle sql query
sqlplus remote connection giving ORA-21561
Connection timeout for DriverManager getConnection
Using LIKE in an Oracle IN clause
SQL: delete all the data from all available tables
Multiple REPLACE function in Oracle
ODP.NET Oracle.ManagedDataAcess random ORA-12570 errors
Selecting both MIN and MAX From the Table is slower than expected
Curious issue with Oracle UNION and ORDER BY
Is substr or LIKE faster in Oracle?
How to create a blank/empty column with SELECT query in oracle?
Get ID of last inserted record in oracle db
How can I create a unique index in Oracle but ignore nulls?
Why is selecting specified columns, and all, wrong in Oracle SQL?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!