Chinaunix首页 | 论坛 | 博客
  • 博客访问: 411082
  • 博文数量: 119
  • 博客积分: 1470
  • 博客等级: 上尉
  • 技术积分: 1258
  • 用 户 组: 普通用户
  • 注册时间: 2006-02-24 13:50
文章分类

全部博文(119)

文章存档

2018年(6)

2017年(11)

2016年(4)

2013年(8)

2012年(1)

2011年(2)

2010年(4)

2009年(37)

2008年(16)

2006年(30)

我的朋友

分类: Oracle

2008-10-20 14:40:30

System Privileges
A system privilege controls user behavior in the database. System privileges define what actions a user is allowed to take within a database. When a privilege with "ANY" is ed on a object (such as CREATE ANY CLUSTER), the user is given access to that type of object in all schemas, including the SYS schema.
System privileges can be granted WITH ADMIN OPTION. When system privileges are revoked, the revoke does not cascade.

To prohibit access to objects in the SYS schema, set = FALSE. and SYSOPER can be referred to as system privileges but should be thought of as types of as control of these "privileges" is maintained outside of a database.

System Privilege Description

Allows execution of command in any schema
Allows execution of command in grantee's schema.
Allows execution of command in any schema.
Allows execution of command in any schema



Create any context namespace
Drop any context namespace



Allows execution of command.
Allows execution of command.
Allows execution of command to audit SQL statements.



Allows execution of command.
Allows execution of command.
Allows execution of command.




Connect the current session to a debugger that uses the Java Debug Wire Protocol (JDWP).

Debug all PL/SQL and Java code in any database object; display information on all SQL statements executed by the application. Note: Granting this privilege is equivalent to granting the DEBUG on all applicable objects in the database.



Alter dimensions in any schema
Create dimensions in the grantee's schema
Create dimensions in any schema
Drop dimensions in any schema



Allows execution of command.
Allows execution of command.











Allows execution of command in any schema.
Allows execution of command in any schema.
Allows execution of command in any schema.
Enable rewrite using a materialized view, or create a function-based index, when that materialized view or index references tables and views that are in the grantee's own schema
Enable rewrite using a materialized view, or create a function-based index, when that materialized view or index references tables or views in any schema

Modify indextype in any schema
Create an indextype in the grantee's schema
Create an indextype in any schema
Drop an indextype in any schema
Reference an indextype in any schema

Allows execution CREATE or REPLACE LIBRARY command to alter an existing external library in another schema.
Allows execution of command to define a library in grantee's schema.
Allows user to define a library for external functions in another schema.
Allows execution of command to define a library in any schema.
Allows execution of an extern function defined in any library in any schema.
Alter materialized view in any schema
Create a materialized view in the grantee's schema
Create materialized view in any schema
Drop materialized view in any schema
Enable rewrite using a materialized view, or create a function-based index, when that materialized view or index references tables and views that are in the grantee's own schema
Enable rewrite using a materialized view, or create a function-based index, when that materialized view or index references tables or views in any schema
Create a refresh-on-commit materialized view on any table in the database
Alter a refresh-on-demand materialized on any table in the database to refresh-on-commit
Issue a SQL flashback query on any table, view, or materialized view in any schema. (This privilege is not needed to execute the procedures.)

Alter an operator and its bindings in any schema
Create an operator and its bindings in the grantee's schema
Create an operator and its bindings in any schema
Drop an operator in any schema
Reference an operator in any schema

Modify outlines in any schema
Create public outlines that can be used in any schema that uses outlines
Drop an outline in any schema

Allows execution , & commands in any schema as well as CREATE or REPLACE , , or
Allows execution of , & commands in grantee's schema.
Allows execution of , & commands in any schema.
Allows execution of , & commands in any schema.
Allows exection of function, procedure or packages. Reference public package variables in any schema.

Allows execution of the command.

Allows execution of the command.
has something to do with Oracle applications?

Allows execution of the command.






Allows execution of command to add, change or remove a password on a role in a database.
Allows execution of command.
Allows execution of command.
Allows execution of command for any role that grantee does not have WITH ADMIN OPTION.

Allows execution of command.
Allows execution of command.
Allows execution of command.













Allows execution of command in any sequence.
Allows execution of command.
Allows execution of command in any sequence.
Allows execution of command in any schema.
Allows execution of command to retrieve the next sequence value for any sequence (except SYS) in database.

Allows execution of command.
Allows execution of command.
Allows grantee to connect to database.
Allows user to access database in MODE.
See RESTRICT or {ENABLE | DISABLE} RESTRICTED SESSION.

Allows execution of command in grantee's schema.
Allows execution of command in any schema.
Allows execution of command.
Allows execution of command in any schema.
Allows execution of command.

Related to OEM? Can be granted manually using .GRANT_SYSTEM_PRIVILEGE

Allows execution of command on all tables, clusters, or indexes in a database.
Allows execution of command any database object in any schema.
Allows execution of command for all tables in database.
Bypass fine-grained access control. Database administrators should use caution when granting this privilege.
FORCE TRANSACTION Allows execution of command for any in-doubt transactions created by the grantee.
Allows execution of command for any in-doubt transactions in a database.
Grant/revoke any . Any object privilege that was granted by the object owner or by some other user.
Allows execution of command for any role not previously granted using the WITH ADMIN OPTION to the grantee.
Enable resumable space allocation
Query access to any object in the SYS schema, including tables created in that schema.
Not included in ALL [PRIVILEGES] statement, nor can it be granted through a role. Use with care.
Included here for completeness.
Included here for completeness.

Allows execution of command on any table in a database.
Allows use of the utility to perform a full export.
Allows execution of command in grantee's schema.
Allows execution of command in any schema.
Allows execution of command against any table in a database.
Allows execution of command in any schema. Required to any table.
Issue a SQL flashback query on any table, view, or materialized view in any schema. (This privilege is not needed to execute the procedures.)
Allows execution of command against any table in a database.
Allows execution of command against any table in a database.
Allows execution of command against any table in a database.

Allows execution of command against any table in a database.

Allows execution of command.
Allows execution of command.
Allows execution of command.
Allows execution of command to offline, online and begin and end tablespace backups.
Use an unlimited amount of any tablespace. This privilege overrides any specific quotas assigned. If you revoke this privilege from a user, then the user's schema objects remain but further tablespace allocation is denied unless authorized by specific tablespace quotas. This system privilege cannot be granted to a to . Also see QUOTA UNLIMITED ON tablespace_name

Allows execution of command for all triggers in a database.
Create a trigger on DATABASE. (Must also have the CREATE TRIGGER or CREATE ANY TRIGGER privilege.)
Allows execution of command in grantee's schema.
Allows execution of command for all triggers in a database.
Allows execution of command for all triggers in a database.

Allows execution of command on any user-defined type in any schema.
Create object types and object type bodies in grantee's schema
Allows creation of a user-defined type in any schema.
Allows execution of any user-defined type in any schema.
Allows you to reference and execute any type or method in any schema. If you grant EXECUTE ANY TYPE to a role, then users holding the enabled role will not be able to invoke methods of an object type in any schema.
Create subtypes under any nonfinal object types.

Allows execution of command. This privilege authorizes the grantee to: Change another user's password or authentication method, assign quotas on any tablespace, set default and temporary tablespaces & assign a profile and default roles
Become another user. (Required by any user performing a full database .)
Allows execution of command. This privilege also allows the creator to: Assign quotas on any tablespace, set default and temporary tablespaces, & assign a profile as part of a CREATE USER statement
Allows execution of command.

Allows execution of command in any schema.
Allows execution of command in grantee's schema.
Allows execution of command in any schema.
Allows execution of command in any schema.

Issue a SQL flashback query on any table, view, or materialized view in any schema. (This privilege is not needed to execute the procedures.)







阅读(2201) | 评论(0) | 转发(0) |
给主人留下些什么吧!~~