sf_allow.sql
Download SQL script
sf_allow.sql
-- ----------------------------------------------------------------------------
-- Script Name : st_allow.sql
-- Author : Pete Finnigan
-- Date : November 2023
-- ----------------------------------------------------------------------------
-- Description : SQL Firewall
-- Create the allow list
-- ----------------------------------------------------------------------------
-- Maintainer : Pete Finnigan (www.petefinnigan.com)
-- Copyright : Copyright (C) 2003 - 2023 PeteFinnigan.com Limited. All rights
-- reserved. All registered trademarks are the property of their
-- respective owners and are hereby acknowledged.
-- ----------------------------------------------------------------------------
-- License : This software is licensed to you by PeteFinnigan.com Limited. All
-- rights and ownership and copyright in the software are retained by
-- PeteFinnigan.com Limited in all possible cases. Posession of this
-- software does not infer any additonal rights. If you receive this
-- software without these copyright notices and license text, this text,
-- license and copyright still applies. This text, copyright and license
-- must not be removed under any circumstances. This applies to all
-- text displayed as comments up until and including the version history,
-- This text also applies to any copyright, banner or other text
-- refering to PeteFinnigan.com Limited ownership that is output by
-- the program.
--
-- This software is free to use BUT it is NOT open source and NOT GPL
-- or any similar license and it is NOT in the public domain.
--
-- You are permitted to use this software commercially or privately
-- provided these notices or banners as described are not removed. You
-- may modify the software and use it internally but this does not
-- infer any additonal rights in the software. i.e. if you delete
-- some of our code or change variable names or add features that does
-- not make it your code and does not give you the right to remove
-- our ownership in this software shown in these notices. This software must
-- not be made available or published in anyway, any language, any
-- modified form or original form except by PeteFinnigan.com Limited.
-- You must not incorporate this software into any free or commercial
-- product or software and you must not sell or give away any software that
-- includes this sofware.
--
--
-- In short this text is not written by a lawyer so please respect the
-- intent that you can use or modify it freely but not give it away
-- yourself or take away our right to attribution.
-- If someone else needs a copy please ask them to come to PeteFinnigan.com
-- Limited and we will happily let them also have a free copy. Also
-- as you may expect freely use does not include adding this software to
-- a commercial or free product (without our permission) but you
-- can use it internally in projects. We put our time into the free scripts
-- on our website or training courses and give these tools away for free and
-- in return we expect our copyright and ownership to always remain.
-- We like to help people but we also want to benefit from the fact
-- our name becomes known through these scripts and tools and software
-- that we make. We hope this makes sense.
--
-- ----------------------------------------------------------------------------
-- TODO
--
-- Version History
-- ==================
--
-- version who desc
-- ======= === =========================
-- 0.1.1 pxf first issue
-- ----------------------------------------------------------------------------
-- spoof.sql
spool sf_allow.lis
set echo off
prompt - connect to the SQL Firewall admin and create the allow list...
prompt press any key to continue....
pause
-- connect as vm
set echo off
define username = 'sql_f'
define password = 'sql_f'
@@c.sql
set echo on
set serveroutput on
exec dbms_sql_firewall.generate_allow_list('VM');
col sql_text for a90
col accessed_objects for a30
col current_user for a10
col top_level for a3
col username for a10
col version for 9999
set lines 220
select username,
sql_text,
accessed_objects,
current_user,
top_level,
version
from dba_sql_firewall_allowed_sql
/
exec dbms_sql_firewall.enable_allow_list('VM',DBMS_SQL_FIREWALL.ENFORCE_SQL,TRUE);
spool off
