SYSTEM User is Able To View Rows In ROLE_TAB_PRIVS Whereas SYS is Not (Doc ID 396367.1)

Last updated on MAY 12, 2017

Applies to:

Oracle Database - Enterprise Edition - Version 8.1.7.4 and later
Information in this document applies to any platform.
This problem can occur on any platform.

Symptoms

When logged as SYS , the following select returns 0 rows :

SQL> conn / as sysdba
Connected.
SQL> select * from role_tab_privs where role='ROLE1';
no rows selected

whereas when logged as SYSTEM, the same statement returns several rows :

SQL> conn system/manager
Connected.
SQL> select * from role_tab_privs where role='ROLE1';
ROLE OWNER
------------------------------ ------------------------------
TABLE_NAME COLUMN_NAME
------------------------------ ------------------------------
PRIVILEGE GRA
---------------------------------------- ---
ROLE1 SCOTT
EMP
SELECT NO

Even though when SYS grants new object privileges to the role, SYS still cannot list the privileges granted to the role :

SQL> conn / as sysdba
Connected. 

SQL> grant update on scott.emp to role1;
Grant succeeded.

SQL> select * from role_tab_privs where role='ROLE1';
no rows selected

SQL> conn system/manager
Connected.
SQL> select * from role_tab_privs where role='ROLE1'; 
   
ROLE                           OWNER
------------------------------ ------------------------------
TABLE_NAME                     COLUMN_NAME
------------------------------ ------------------------------
PRIVILEGE                                GRA
---------------------------------------- ---
ROLE1                          SCOTT
EMP
SELECT                                   NO

ROLE1                          SCOTT
EMP
UPDATE                                   NO

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms