Chapter 17. Managing Privileges

Terms you'll need to understand:

• DBA_SYS_PRIVS>

• SESSION PRIVS

• DBA_TAB_PRIVS>

• DBA_COL_PRIVS>

• ALL_DEV_AUDIT_OPTS

• DBA_STMT_AUDIT_OPTS>

• DBA_PRIV_AUDIT_OPTS>

• DBA_OBJ_AUDIT_OPTS>

• DBA_AUDIT_TRAIL>

• DBA_AUDIT_EXISTS>

• DBA_AUDIT_OBJECT>

• DBA_AUDIT_SESSION>

• DBA_AUDIT_STATEMENT>

• Grant

• Revoke

• System privileges

• Object privileges

Concepts you'll need to master:

• Identify system privileges.

• Identify object privileges.

• Grant and revoke privileges.

• Identify auditing capabilities.

Users can do very little, nothing in fact, until they have been granted certain privileges. Everything in Oracle is controlled either directly through granting privileges or indirectly through groups of privileges called roles, covered in Chapter 18, "Managing Roles." This chapter deals with the building blocks called privileges.

A privilege is a deliberately granted or an inferred right to access and execute a given program or to view or alter data.

Oracle has two different types of privileges: system privileges> and object privileges>. The following section covers system privileges.