By default, from Oracle version 7.X on, the following sequence of events occurs when the database is created:
CATALOG.SQL is run and calls several other
CATAUDIT.SQL is run as one of the scripts
The auditing views are created.
A public synonym is created for each of the auditing views.
Public access is granted to enable SELECT on each of the auditing views.
Thus, from the point in time when the database is created, the
ability for anyone to audit activities in the database exists. In the
case of USER_ audit views, as opposed to DBA_ audit views, the user
will only be permitted to view information in his own area and not be
able to see information in another user’s schema. The
script can be found in the
$ORACLE_HOME/RDMBS80/ADMIN directory on most
platforms. On an OpenVMS system, all of the “CAT” scripts
(Oracle-delivered scripts with the first three letters of the script
name “CAT”) can be found in the
auditing views require few resources prior to being activated.
However, since public is granted access to them, be
sure to protect them from tampering. Running the
CATAUDIT.SQL script will create the auditing
views shown in Table 10.1. Only the access to the
DBA_ views for auditing is granted to the SELECT_CATALOG_ROLE.
Table 10-1. Oracle Standard Auditing Views (from CATAUDIT.SQL)
Description table for audit trail action ...