RE: way to grant schema privilege

From: Goulet, Richard <>
Date: Tue, 29 Sep 2009 11:54:12 -0400
Message-ID: <>

Sorry, Nuno, but that is incorrect. Please see

Dick Goulet
Senior Oracle DBA/NA Team Lead
PAREXEL International

-----Original Message-----
[] On Behalf Of Nuno Souto Sent: Monday, September 28, 2009 11:57 PM Cc: Oracle L
Subject: Re: way to grant schema privilege

Not directly, no. Even through proxies, you still need to grant access to
objects via a role and then the role to a logon, be that a proxy or for example,
any logon that does a "ALTER SESSION SET CURRENT_SCHEMA=<schema>". In other words: the proxy user is not a replacement for granted privileges, it
complements them.
Your choice if you use a proxy logon - relevant for three-tier access - or
something like a login trigger setting current_schema. Then a role is granted to
that logon. The role defines the access privileges, not the user logon. You
cannot grant an entire schema to a role, it has to be object by object.

Nuno Souto
in sunny Sydney, Australia

dba1 mcc wrote,on my timestamp of 29/09/2009 4:07 AM:

> On ORACLE 10GR2 and 11G is it possible grant access privileges on
schema level NOT table/view level.
> for example, I want grant 'select, update, delete" on one schema (all
object under that schema) to another person. Is it possible?
-- --
Received on Tue Sep 29 2009 - 10:54:12 CDT

Original text of this message