limited DBA privileges
Date: Tue, 29 Apr 2008 18:27:15 -0400
As part of a company-wide security initiative, I've been tasked with coming up an implementation of limited DBA privileges. Specifically, a set of database privileges that allow a user with these privileges to maintain the database (e.g., add/resize datafiles; create and modify tablespaces; create, alter and move tables; create, alter and rebuild indexes; query the data dictionary), while restricting that user from querying sensitive data in specific tables (e.g., credit card data). Has anyone encountered such a requirement before? Any suggestions? Can you point me toward any examples of how to create such a role?
Using Oracle Enterprise Version 10.2.0.3, we plan on keeping up with the latest security patches.
Oracle DBA, Staples, Inc.