| Oracle FAQ | Your Portal to the Oracle Knowledge Grid | |
 |
 | |||
| Oracle FAQ | Your Portal to the Oracle Knowledge Grid | |
|
| |||
Home -> Community -> Usenet -> c.d.o.server -> Oracle permissions issue Oracle 9.2.0.7/Win 2003
Oracle 9.2.0.7
Windows 2003
We are going through a Certification and Accreditation process with our databases. We are being dinged for grants that any schema owner is giving on its objects to database roles. We were told that only the SYSTEM user or a user with DBA privileges should grant the permissions on any object to any role.
We have changed the process so that the user SYSTEM will log in and grant the permissions but here is something we have noticed.
Lets say that the schema in question is SCOTT. The table to grant SELECT permission on is the EMP table. The role to grant permissions to is EMP_ACCESS_ROLE
GRANT SELECT on SCOTT.EMP to EMP_ACCESS_ROLE;
2. When we run
select * from DBA_TAB_PRIVS where table = 'EMP';
GRANTEE OWNER TABLE_NAME GRANTORPRIVILEGE
3. We then tried this (even though this is retarded and unnecessary since SYSTEM has the SELECT permission to begin with)
GRANT SELECT ON SCOTT.EMP TO SYSTEM WITH GRANT OPTION; 4. We then log in as SYSTEM and grant the permission again.
GRANT SELECT on SCOTT.EMP to EMP_ACCESS_ROLE;
5. When we run
select * from DBA_TAB_PRIVS where table = 'EMP';
GRANTEE OWNER TABLE_NAME GRANTORPRIVILEGE
Has anyone else run into this problem of the schema owner showing up as the GRANTOR even though SYSTEM granted the permission. What was your work around ?
Thanks in advance. Received on Thu Aug 30 2007 - 10:42:12 CDT
 |
 |