Re: Managing Oracle Users

From: John Hurley <>
Date: Sat, 1 Aug 2009 11:54:45 -0700 (PDT)
Message-ID: <>

On Jul 31, 8:03 pm, undbund <> wrote:


> According to Oracle....
> However, beginning in Oracle Database 10g Release 2 (10.2), the
> CONNECT role has only the CREATE SESSION privilege, all other
> privileges are removed.
> This should mean that when the user has only Connect role, he/she
> should only be able to login in and do nothing else.
> When I connect using this user... I can see other shemas like sys,
> system, etc and view some of their tables and the data in it, which is
> dangerous. I use Navicat software to work with Oracle.
> I did notice that using this user, I can only view some of the tables
> from sys and system shema (as compared to logging in as system), which
> is still dangerous, I think.
> I am really lost as to how to prevent this from happening.
> All your help is appreciated.
> Thanks,
> Undbund

Sometimes people get a little snarky around here.

It might be best to go back to the beginning and start over.

Create a single user ... grant then only the connect role ( since that's what you say you want to test ) ...

Do this via sqlplus and show us the output along the way ...

Then log in as that user again via sqlplus and try these commands ...

select count(*) from user_tables

select count(*) from all_tables

select count(*) from dba_tables

Let us see in your output what the results from these commands were ... Received on Sat Aug 01 2009 - 13:54:45 CDT

Original text of this message