Creating roles and granting privs via role wouldn't work 'cz we have stored procedures that need privileges granted directly. Creating views wouldn't work 'cz even if I don't revoke the privileges they would still be able to view the data. I am sorry, my point wasn't clear enough. I wanted to be able to restrict the users WITHOUT revoking privs from public. I guess there is no way out. Thanks all. -Amit. ________________________________ From: Dennis Williams [mailto:oracledba.williams@xxxxxxxxx] Sent: Thursday, June 01, 2006 6:34 PM To: ric.van.dyke@xxxxxxxxxx Cc: Verma, Amit; Oracle-L Freelists Subject: Re: PUBLIC grants Amit, Oh, just what is it you DON'T want the auditors to see???? Usually auditing operates on the principle that nothing is hidden from the auditors. I was just reading about the auditors that audit the CIA. Are these tables where it is technically possible to revoke PUBLIC? Okay, you could: 1. Create a new role. 2. Grant the tables in question to that role. 3. Grant that role to everybody except the auditors. 4. Revoke PUBLIC from those tables. Dennis Williams