Re: way to grant schema privilege
- From: Raju Angani <r_angani@xxxxxxxxx>
- To: Richard.Goulet@xxxxxxxxxxx, dbvision@xxxxxxxxxxxx
- Date: Tue, 29 Sep 2009 10:21:07 -0700 (PDT)
Hi Richard,
That's what I was looking for, an example. Thanks for sharing.
.Raju
________________________________
From: "Goulet, Richard" <Richard.Goulet@xxxxxxxxxxx>
To: dbvision@xxxxxxxxxxxx
Cc: Oracle L <oracle-l@xxxxxxxxxxxxx>
Sent: Tuesday, September 29, 2009 8:54:12 AM
Subject: RE: way to grant schema privilege
Sorry, Nuno, but that is incorrect. Please see
http://www.it-eye.nl/weblog/2005/09/12/oracle-proxy-users-by-example/
Dick Goulet
Senior Oracle DBA/NA Team Lead
PAREXEL International
-----Original Message-----
From: oracle-l-bounce@xxxxxxxxxxxxx
[mailto:oracle-l-bounce@xxxxxxxxxxxxx] On Behalf Of Nuno Souto
Sent: Monday, September 28, 2009 11:57 PM
Cc: Oracle L
Subject: Re: way to grant schema privilege
Not directly, no. Even through proxies, you still need to grant access
to
objects via a role and then the role to a logon, be that a proxy or for
example,
any logon that does a "ALTER SESSION SET CURRENT_SCHEMA=<schema>".
In other words: the proxy user is not a replacement for granted
privileges, it
complements them.
Your choice if you use a proxy logon - relevant for three-tier access -
or
something like a login trigger setting current_schema. Then a role is
granted to
that logon. The role defines the access privileges, not the user logon.
You
cannot grant an entire schema to a role, it has to be object by object.
--
Cheers
Nuno Souto
in sunny Sydney, Australia
dbvision@xxxxxxxxxxxx
dba1 mcc wrote,on my timestamp of 29/09/2009 4:07 AM:
> On ORACLE 10GR2 and 11G is it possible grant access privileges on
schema level NOT table/view level.
>
> for example, I want grant 'select, update, delete" on one schema (all
object under that schema) to another person. Is it possible?
>
--
//www.freelists.org/webpage/oracle-l
--
//www.freelists.org/webpage/oracle-l
Other related posts:
