Re: granting another users tables ?

From: W. C. Epperson <epperson_at_pen.k12.va.us>
Date: 1995/05/24
Message-ID: <D93nBE.FKn_at_pen.k12.va.us>#1/1

Bo Bell (bob_at_indigoddb.be.statoil.no ) writes:
>

[snip]
> Although i'm able to create a table in anoter schema, I can't grant
> object rights on the tables to other users (Yes, i'm running the
> script as system (have tried internal and sys also))
[snip]
> My only solution so far is to grant the schema owner CONNECT
> privilige, connecting as this user and granting all object priviliges
> to a DBA role. At this point the SYSTEM account may grant these
> priviliges to others.
>
Ohhhh, nooooo. This was one of the biggest DBA frustrations at v5 and v6: DBA can create/drop an object, but can't administer it, although he can backdoor into the owner's schema and give himself the ability to do so. I'd thought that v7 overcame this, since the DBA role has SELECT/UPDATE/INSERT/DELETE/REFERENCES ANY TABLE WITH ADMIN OPTION but had not tried it out. Now that I've seen this posting, I can read the doc to say that this gives the DBA the ability to grant a user the ability to, say,
SELECT ANY TABLE
but not to grant the ability to select a specific table belonging to another user/schema unless the same old workaround is used. Grrrrrrrr.

W.C. Epperson
Senior Systems Engineer
DBA Emeritus
Va. Dept. of Education Received on Wed May 24 1995 - 00:00:00 CEST

This message: [ Message body ]
Next message: Laurence Barea: "Re: Which NT platform for Oracle 7.1 ?"
Previous message: Christopher Jones: "Re: HELP! SQL*PLUS V3.0 suppress dups in break column..."
In reply to: Bo Bell: "granting another users tables ?"
In reply to Bo Bell: "granting another users tables ?"
Next in thread: Laurence Barea: "Re: Which NT platform for Oracle 7.1 ?"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ]

Original text of this message