Re: Role/Security Question

From: Shakespeare <whatsin_at_xs4all.nl>
Date: Fri, 20 Jun 2008 10:49:59 +0200
Message-ID: <485b6f34$0$14354$e4fe514c@news.xs4all.nl>

"Dereck L. Dietz" <dietzdl_at_ameritech.net> schreef in bericht news:F3D6k.10505$uE5.689_at_flpi144.ffdc.sbc.com...
> Oracle 10.2.0.3.0
> Windows Server 2003
>
> In our database the security has been wide open (every table has been
> granted SELECT TO PUBLIC). Also, every schema has had privileges such as
> SELECT ANY TABLE granted to them.
>
> We're going to be having outside users start using the database and there
> are only certain tables they're supposed to have access to.
>
> I've been trying to revoke PUBLIC from all the tables and grant privileges
> through roles.
>
> For the most part it's going okay but we've received an insufficient
> privilege violation for a schema trying to select from tables owned by
> other schemas to create a view. The schema has the proper role to select
> from the tables but it wouldn't work until I granted the SELECT ANY TABLE
> privilege.
>
> What am I doing wrong?
>

Grant select on the underlying tables with grant option.

With a view on some other schema, you indirectly expose data from that schema to others in your schema. That's why you need the grant option

Shakespeare Received on Fri Jun 20 2008 - 03:49:59 CDT

This message: [ Message body ]
Next message: Wilfrid: "ADO request mistery"
Previous message: Shakespeare: "Re: How to prevent using shared pool with dynamic sql pivoting?"
In reply to: Dereck L. Dietz: "Role/Security Question"
Next in thread: Mark D Powell: "Re: Role/Security Question"
Reply: Mark D Powell: "Re: Role/Security Question"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ]

Original text of this message