SYSTEM User is Able To View Rows In ROLE_TAB_PRIVS Whereas SYS is Not
(Doc ID 396367.1)
Last updated on FEBRUARY 23, 2023
Applies to:
Oracle Database - Enterprise Edition - Version 8.1.7.4 and laterOracle Database Cloud Schema Service - Version N/A and later
Oracle Database Exadata Cloud Machine - Version N/A and later
Oracle Cloud Infrastructure - Database Service - Version N/A and later
Oracle Database Cloud Exadata Service - Version N/A and later
Information in this document applies to any platform.
This problem can occur on any platform.
Symptoms
When logged as SYS , the following select returns 0 rows :
SQL> conn / as sysdba
Connected.
SQL> select * from role_tab_privs where role='ROLE1'; no rows selected
whereas when logged as SYSTEM, the same statement returns several rows :
SQL> conn system/manager
Connected.
SQL> select * from role_tab_privs where role='ROLE1';
ROLE OWNER
------------------------------ ------------------------------
TABLE_NAME COLUMN_NAME
------------------------------ ------------------------------
PRIVILEGE GRA
---------------------------------------- ---
ROLE1 <USER>
EMP
SELECT NO
Even though when SYS grants new object privileges to the role, SYS still cannot list the privileges granted to the role :
SQL> conn / as sysdba
Connected.
SQL> grant update on <USER>.emp to role1;
Grant succeeded.
SQL> select * from role_tab_privs where role='ROLE1';
no rows selected
SQL> conn system/manager
Connected.
SQL> select * from role_tab_privs where role='ROLE1';
ROLE OWNER
------------------------------ ------------------------------
TABLE_NAME COLUMN_NAME
------------------------------ ------------------------------
PRIVILEGE GRA
---------------------------------------- ---
ROLE1 <USER>
EMP
SELECT NO
ROLE1 <USER>
EMP
UPDATE NO
Changes
Cause
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |
In this Document
Symptoms |
Changes |
Cause |
Solution |
References |