Re: Question re view privileges
Date: Thu, 11 Sep 2008 09:57:30 -0400
Message-ID: <55f303590809110657s72c8144ct45e2b4fa743d539e@mail.gmail.com>
Such situation is being addressed in 10G by:
SQL> grant select on v1 to u3;
grant select on v1 to u3
*
ERROR at line 1:
ORA-01720: grant option does not exist for 'U1.A'
SQL> !oerr ora 1720
01720, 00000, "grant option does not exist for '%s.%s'"
// *Cause: A grant was being performed on a view and the grant option was // not present for an underlying object. // *Action: Obtain the grant option on all underlying objects of the view.
--romas
On Wed, Sep 10, 2008 at 4:05 PM, William Wagman <wjwagman_at_ucdavis.edu>wrote:
> Greetings,
>
> I just demonstrated something to myself which took me by surprise and am
> wondering if I am perhaps missing something. Running Oracle 9.2.0.8.0 EE on
> RHEL 64-bit. Here is the scenario...
>
> schema X has a view, v1 which selects from table t1 owned by schema Y.
> schema Y has granted select on t1 to schema X.
> schema X has in turn granted select on view v1 to user Z.
>
> When user Z issues the command
>
> SQL> select * from X.v1;
>
> ORA-01031, insufficient privileges is returned. In order to resolve this
> schema Y had to
>
> SQL> grant select on v1 to X with grant option;
>
> My question. I didn't expect it would be necessary to issue the grant with
> grant option. Am I missing something or is there another way to handle this?
> I don't want to issue the grant to public and I am not particularly happy
> about user X being able to grant select on view v1 to others. If this is the
> way it must be so be it but it took me by surprise.
>
> Thanks.
>
> Bill Wagman
> Univ. of California at Davis
> IET Campus Data Center
> wjwagman_at_ucdavis.edu
> (530) 754-6208
>
> --
> http://www.freelists.org/webpage/oracle-l
>
>
>
-- http://www.freelists.org/webpage/oracle-lReceived on Thu Sep 11 2008 - 08:57:30 CDT