select_catalog_role granted to newly created user named 'T' with create session privilege does not select data from dba_users
Date: Fri, 4 Dec 2009 14:56:09 -0500
Message-ID: <7d81ec570912041156t55b6ab65j6d356efafe63b716_at_mail.gmail.com>
Hello List,
I'm on 11.2.0.1 on OEL5.3
O7_DICTIONARY_ACCESSIBILITY is set to FALSE. I created a new user named 'T' and granted 'create session' privileges to 'T'. I also have another user named 'SCOTT' and a table named 'EMP' under this schema. With 'select any table' privilege granted to 'T' as user 'system', I am able to select data from scott.emp as user 'T' but I am unable to view DBA_USERS (which is obvious since O7_DICTIONARY_ACCESSIBILITY is set to FALSE). Then I revoke 'select any table' from 'T' and grant 'select_catalog_role' as user 'system' to 'T'. I expect to view data from dba_users but this does not happen. I get table or view does not exist. What am I doing wrong here? Thanks in advance.
SQL> SELECT * FROM role_role_privs WHERE role='SELECT_CATALOG_ROLE';
ROLE GRANTED_ROLE ADM ------------------------------ ------------------------------ --- SELECT_CATALOG_ROLE HS_ADMIN_SELECT_ROLE NO
SQL> SELECT * FROM role_role_privs WHERE role='HS_ADMIN_SELECT_ROLE';
no rows selected
SQL> SELECT * FROM role_sys_privs WHERE role='HS_ADMIN_SELECT_ROLE';
no rows selected
-- http://www.freelists.org/webpage/oracle-lReceived on Fri Dec 04 2009 - 13:56:09 CST