How do you determine what privileges are granted by a role?
The following data dictionary views will provide you with the information you need:
ROLE_ROLE_PRIVS Roles which are granted to roles ROLE_SYS_PRIVS System privileges granted to roles ROLE_TAB_PRIVS Table privileges granted to rolesIf you want to know which system privileges (things like CREATE TABLE or DROP USER) are available through a specific role, such as the DBA role, simply execute this query:
SELECT privilege, admin_option FROM role_sys_privs WHERE role = 'DBA' ; PRIVILEGE ADM ---------------------------------------- --- ALTER ANY TYPE YES ALTER DATABASE YES ALTER PROFILE YES ALTER RESOURCE COST YES ...and so onYou can query the other views in similar fashion, just describe each view to determine the columns they contain and query for what you wish to see.
Hope that helps!
For More Information
- Dozens more answers to tough Oracle questions from Karen Morton are available.
- The Best Oracle Web Links: tips, tutorials, scripts, and more.
- Have an Oracle or SQL tip to offer your fellow DBAs and developers? The best tips submitted will receive a cool prize. Submit your tip today!
- Ask your technical Oracle and SQL questions -- or help out your peers by answering them -- in our live discussion forums.
- Ask the Experts yourself: Our SQL, database design, Oracle, SQL Server, DB2, metadata, object-oriented and data warehousing gurus are waiting to answer your toughest questions.
Dig Deeper on Oracle database security
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.