RE: sys vs. "normal" User

  • From: "Koppelaars, Toon" <T.Koppelaars@xxxxxxxxxxxxxxxxxxxx>
  • To: <Joerg.Jost@xxxxxxxxxxxx>
  • Date: Tue, 4 Sep 2007 10:07:13 +0200


It wouldn't be my choice to create custom procedures in the SYS-schema. Other 
than "it's just not done" I am unaware of "something bad" when doing so.

Instead I would create a new (third) schema. Grant it the create session and 
create procedure system privileges, and grant it the necessary object priviges 
on the SYS objects you mention.
Then you can create your procedure in this schema, and finally grant execute on 
your procedure to the application schema.


-----Original Message-----
From: oracle-l-bounce@xxxxxxxxxxxxx [mailto:oracle-l-bounce@xxxxxxxxxxxxx] On 
Behalf Of Jost," Jörg
Sent: dinsdag 4 september 2007 9:52
To: oracle-l@xxxxxxxxxxxxx
Subject: sys vs. "normal" User

Hello List,

as often, there is a discussion between our developers and me, the
dba ;-)

Our application connects to Oracle via SQLNet as a normal User. Every 
application client connects as the same user, so there are many 
connections with the same username in v$session.

At some important points this application locks rows with dbms_lock.

The lockname is the rowid of the row. Sometimes an evil user stays
forever at this row and other users are unable to change it.

This case in mind, i have written a small procedure, which get the
Primary Key of the locked rows and shows it via dbms_output.

Because of the Tables/Views i need to query, this procedure belongs to

My question is, is there something bad to install procedures as sys and
grant the procedure to the application user? Is there a "Dogma" that
says, never create or install self written packages as sys?

Should i grant select on the underlying Tables/Views instead?

The Objects i query are:


Also this objects, which are no problem because they exists also for the
normal user:


Thx in advance




Other related posts: