RE: Default user permissions
Date: Tue, 8 Nov 2011 10:51:09 -0500
Message-ID: <C95D75DD2E01DD4D81124D104D317ACA1B89A7A7EC_at_JAXMSG01.crowley.com>
Personally, I skip connect role and just grant create session; but that's besides the point. If you want minimum of permissions, why not say quota 0 on users.
Are you sure you checked dba_role_privs where grantee = 'CONNECT' and dba_sys_privs? Because what you describe should not allow bb_stage to create tables without CREATE TABLE somewhere.
Joel Patterson
Database Administrator
904 727-2546
-----Original Message-----
From: oracle-l-bounce_at_freelists.org [mailto:oracle-l-bounce_at_freelists.org] On Behalf Of Leo Drobnis
Sent: Tuesday, November 08, 2011 10:44 AM
To: ORACLE-L
Subject: Default user permissions
I am a bit puzzled, maybe I am getting rusty.
I need to create a user with bare minimum permissions:
CREATE USER bb_stage
IDENTIFIED BY "password"
DEFAULT TABLESPACE users
TEMPORARY TABLESPACE TEMP; GRANT CONNECT TO bb_stage;
ALTER USER bb_stage QUOTA UNLIMITED ON "USERS";
Connect role only has create session.
Public has no privileges.
However the newly created user can create and drop tables.
I am trying to find where it's coming from.
Any idea???
--
http://www.freelists.org/webpage/oracle-l
--
http://www.freelists.org/webpage/oracle-l
Received on Tue Nov 08 2011 - 09:51:09 CST