Re: select_catalog_role granted to newly created user named 'T' with create session privilege does not select data from dba_users
Date: Fri, 04 Dec 2009 22:24:32 +0100
> I'm on 18.104.22.168 on OEL5.3
> O7_DICTIONARY_ACCESSIBILITY is set to FALSE. I created a new user
> named 'T' and granted 'create session' privileges to 'T'. I also have
> another user named 'SCOTT' and a table named 'EMP' under this schema.
> With 'select any table' privilege granted to 'T' as user 'system', I
> am able to select data from scott.emp as user 'T' but I am unable to
> view DBA_USERS (which is obvious since O7_DICTIONARY_ACCESSIBILITY is
> set to FALSE). Then I revoke 'select any table' from 'T' and grant
> 'select_catalog_role' as user 'system' to 'T'. I expect to view data
> from dba_users but this does not happen. I get table or view does not
> exist. What am I doing wrong here? Thanks in advance.
the system privilege SELECT ANY DICTIONARY is your friend.
of course you may create a special role holding it if it is not ok to grant it directly to a user.
kfReceived on Fri Dec 04 2009 - 15:24:32 CST