The following table describes the predefined groups that are included in the Subscribed Groups option. There are additional predefined groups that are not described here.
|
Table |
Description |
|
Account Management Commands |
Initial Version: 7.0 Description: Commands used to maintain accounts (users, roles, permissions) Examples: REVOKE, GRANT, ALTER/CREATE/DROP USER |
|
Account Management Procedures |
Initial Version: 7.0 (a.k.a Account Management Objects) Description: Stored Procedures used to maintain acocunts (users, roles, permissions) |
|
Admin Users |
Initial Version: 6.1 Description: default administrative users (DBAs and SysAdmins?) |
|
Administrative Commands |
Initial Version: 6.1 (a.k.a Privileged Commands Description: Privileged Commands, should be executed only by DBAs. Examples: GRANT, BACKUP, DDL commands |
|
Administrative Programs |
Initial Version: 7.0 Description: Database utilities (clients) that come with with database and usually reside on the database server and could used by the server itself |
|
Administration Objects |
Initial Version: 6.1 (a.k.a Privileged Objects) Description: Objects that only DBA or Sys Accounts should access. These accounts are locked for 'public' by default. |
|
Allowed Grants to Public |
Initial Version: 7.0 Description: TUPLE Object/Command Application 8 (Security assessment) List of objects/commands for which grants to public are allowed, these objects will be skipped on MS-SQL and Sybase tests that check grants to public |
|
Application Privileged Commands |
Initial Version: 7.0 Description: Public privileged commands that should be revoked from 'public' but not revoked since they're in used by the application |
|
Application Privileged Procedures |
Initial Version: 7.0 (a.k.a Application Privileged Objects) Description: Public privileged procedures that should be revoked from 'public' but not revoked since they're in used by the application |
|
Application Schema Users |
Initial Version: 7.0 (a.k.a Application Users) Description: Database user used by the application to maintain/user the aplication tables |
|
Data Transfer Commands |
Initial Version: 6.1 (a.k.a Backup Commands) Description: commands dealing with backup/restore of database data |
|
Data Transfer Procedures |
Initial Version: 7.0 (a.k.a Data Transfer Objects) Description: procedures dealing with backup/restore of database data (mostly on MSS and SYB) |
|
DB Predefined Users |
Initial Version: 7.0 (a.k.a Default Users) Description: Either 'non-admin predefined users' or 'all predefined users, including the administrative ones' |
|
DDL Commands |
Initial Version: 6.1 (a.k.a Schema Privileged Commands Description: Data Definitions Language Examples: ALTER, CREATE, DROP |
|
Peer Association Commands |
Initial Version: 7.0 Description: commands dealing with links/replications of data Examples: Links, log shipping, replications, snapshots |
|
Peer Association Procedures |
Initial Version: 7.0 (a.k.a Peer Association Objects) Description: Procedures dealing with links/replications of data Examples: Links, log shipping, replications, snapshots |
|
Public executable procedures |
Initial Version: 7.0 (a.k.a Execute-Only Objects) Description: Procedures/functions/Packages that by default granted access to 'public' |
|
Public selectable objects |
Initial Version: 7.0 (a.k.a Select-only Objects) Description: Tables that by default granted access to 'public' |
|
Risk-indicative Error Messages |
Initial Version: 7.0 Description: SQL Errors related to security |
|
System Configuration Commands |
Initial Version: 7.0 Description: Database configuration commands (subset of 'Administrative Commands') Examples: ALTER DATABASE, ALTER SYSTEM |
|
System Configuration Procedures |
Initial Version: 7.0 (a.k.a System Configuration Objects) Description: (subset of 'Administration Objects') |
|
Vulnerable Objects (with wildcards) |
Initial Version: 7.0 Description: Database objects with reported vulnerabilities |