Oracle create user with privileges to grant references

oraclepermissions

I want to create an Oracle user who can grant references to other users.
Do I need to make him sysdba for that, or is there any other way?

Best Answer

You don't need to grant SYSDBA privileges, and shouldn't unless really necessary. You should follow the principle of least privilege. From Oracle's security guidelines:

Do not provide database users or roles more privileges than are necessary. (If possible, grant privileges to roles, not users.) In other words, the principle of least privilege is that users be given only those privileges that are actually required to efficiently perform their jobs.

You just need to grant with admin option:

grant references on <schema>.<table> to <user> with admin option;

<user> can then grant references on to others, but can't pass on the admin option.

Related Solutions

Oracle SQL create view privileges

To grant privilege to create a view:

GRANT CREATE VIEW TO STD01;

To grant the DML privileges:

GRANT SELECT,UPDATE,INSERT,DELETE ON STD00.CUSTOMER TO STD01;

But that's not all of the object privileges. If you did:

GRANT ALL ON STD00.CUSTOMER TO STD01;

you would also give other privileges such as ALTER, INDEX, FLASHBACK, etc.

Oracle no privileges on tablespace USERS

You are granting the privileges to the incorrect user.

The schema owner i owns the table, and is therefore the user that needs to be granted the relevant permissions on the tablespace.

Best Answer

Related Solutions

Oracle SQL create view privileges

Oracle no privileges on tablespace USERS

Related Question