Posted: 25 Aug 2016 2:47 EDT Last activity: 29 Aug 2016 11:57 EDT
Lots of undocumented Database Privileges are granted automatically
We just found out that a lot of database privileges are granted across RULES user & DATA user (Please see attached for the list). There are many documents about what roles / privileges we need to give for installation, but these are different from them and looks completely new to me. Are these something that PRPC automatically grants during installation?
If so, why these are not documented in PDN or installation guide - because usually customer wants to manage or know what roles / privileges are given for user objects. Also, these are each table / view based privilege and some of them are already included in those of installation guide and not needed. Some customers have their own policies to group it by Roles (not by Privileges) and that has to be informed to them. Please let me know if I am missing anything.
SQL> SELECT OWNER, GRANTOR, GRANTEE, PRIVILEGE, TYPE FROM DBA_TAB_PRIVS WHERE GRANTEE = 'DATA' order by PRIVILEGE, TYPE