if that were true, views would be worthless for security; anyone could circumvent the views by looking at the view definition in the data dictionary, and access the underlying tables. so you *don't* need any privileges on underlying tables in order to use privileges granted to you on a view; of course, the act of *granting* those privileges on the view ( as opposed to *using* them) is something else: that is only allowed for the owner (SYS) or anyone with DBA privileges. Chris is right, by the way: you should never grant insert/update/delete privileges on data dictionary objects to anyone. Kind regards, Lex. ------------------------------- visit http://www.naturaljoin.nl <http://www.naturaljoin.nl> ------------------------------- skype me <callto://lexdehaan> -----Original Message----- From: oracle-l-bounce@xxxxxxxxxxxxx [mailto:oracle-l-bounce@xxxxxxxxxxxxx]On Behalf Of chris@xxxxxxxxxxxxxxxxxxxxx Sent: Friday, October 15, 2004 09:12 To: ltiu@xxxxxxxxxxxxx Cc: oracle-l@xxxxxxxxxxxxx Subject: Re: Basic Oracle Views and Tables Permissions Question. Lydon, As far as I'm aware it is the permissions on the underlying table(s) that count and not those on the views. BTW it should be easy for you to prove this to yourself by setting up a simple test. Also you shouldn't be giving update/insert access to sys objects to other users. This isn't good practise. It's also not a good idea to create your own objects in sys if you've done that. The sys schema is Oracle's so we should leave it to Oracle, except for select access of course. HTH Chris Quoting Lyndon Tiu <ltiu@xxxxxxxxxxxxx>: > Hello, > > I have a table that is owned by sys and is only accessible (insert, select, > update) to user sys. > > Now if I create a view on that table that is more permissible (allows select, > insert, update) to everyone ... every user in the database. > > Is this possible or is the view's permission dependent on the underlying > table's permissions? > > Thanks for helping. > > -- > Lyndon Tiu > -- > //www.freelists.org/webpage/oracle-l > Chris Dunscombe Christallize Ltd ------------------------------------------------- Everyone should have http://www.freedom2surf.net/ -- //www.freelists.org/webpage/oracle-l -- //www.freelists.org/webpage/oracle-l