As part of a company-wide security initiative, I've been tasked with coming up an implementation of limited DBA privileges. Specifically, a set of database privileges that allow a user with these privileges to maintain the database (e.g., add/resize datafiles; create and modify tablespaces; create, alter and move tables; create, alter and rebuild indexes; query the data dictionary), while restricting that user from querying sensitive data in specific tables (e.g., credit card data). Has anyone encountered such a requirement before? Any suggestions? Can you point me toward any examples of how to create such a role? Using Oracle Enterprise Version 10.2.0.3, we plan on keeping up with the latest security patches. Mark Cochran Oracle DBA, Staples, Inc. 508.253.8408