RE: Question re view privileges

From: Mercadante, Thomas F (LABOR) <>
Date: Thu, 11 Sep 2008 08:14:13 -0400
Message-ID: <ABB9D76E187C5146AB5683F5A07336FFE09289@EXCNYSM0A1AJ.nysemail.nyenet>


I follow the basic rule that if a view is needed on data from a specific schema, then that schema should own the view. There is no good reason for allowing another schema to create views on a base schema and then share that view around to other users. As a DBA, you lose control very quickly and answering the question from auditors later on of "Who can see his data" gets very hard to answer.  

Just my opinion.  


[] On Behalf Of William Wagman Sent: Wednesday, September 10, 2008 4:30 PM To: Jared Still
Subject: RE: Question re view privileges  

One learns something new every day, I did not know this. Thank you.  

Bill Wagman
Univ. of California at Davis
IET Campus Data Center
(530) 754-6208

From: Jared Still [] Sent: Wednesday, September 10, 2008 1:26 PM To: William Wagman
Subject: Re: Question re view privileges  

On Wed, Sep 10, 2008 at 1:05 PM, William Wagman <> wrote:

        ORA-01031, insufficient privileges is returned. In order to resolve this schema Y had to         

        SQL> grant select on v1 to X with grant option;

It has worked this way for quite a long time.

SELECT privs on T1 have been granted to X

Y as the owner of T1, does not intend for X to share this data with Z, or anyone else.

Y has to explicitly allow X to share this data, which is why the 'grant option' is needed
for X to allow Z to see the view V1.

Jared Still
Certifiable Oracle DBA and Part Time Perl Evangelist

Received on Thu Sep 11 2008 - 07:14:13 CDT

Original text of this message