Oracle FAQ | Your Portal to the Oracle Knowledge Grid |
Home -> Community -> Usenet -> c.d.o.misc -> Re: Grant table creation
Mark D Powell wrote:
> The ANY privileges mean just that. In the case of Create Any Table
> that means the grantee can create tables belonging to any user.
>
> If you want to create tables under a specific user create a routine
> under the target schema that uses execute immediate to issue the create
> table command under the authority of the procedure owner. You could
> also create the package/procedure under a DBA id and use logic to limit
> the target schemas to authorized ID's.
>
> HTH -- Mark D Powell --
I haven't tried it but on reflection is seems to me something could be done with a DDL trigger.
The DBA can grant CREATE ANY privilege to someone but then, in a database level DDL trigger, trap for the user executing the DDL: (ora_login_user, or other) and trap for the schema in which the object is being created (ora_dict_obj_owner) and just raise an error if it wasn't being created in an allowed schema.
-- Daniel A. Morgan University of Washington damorgan_at_x.washington.edu (replace 'x' with 'u' to respond)Received on Thu Apr 28 2005 - 23:39:27 CDT