Solved

revoking drop/alter table privileges from a user

Posted on 2001-08-31
6
2,859 Views
Last Modified: 2011-10-03
Dear Experts,I have created a user and granted the create session,create any table priv.i assigned default tablespace system quota 50m for this user.I connected to that user and tried to create a table .it created a table.I revoked create any table priv. from that user by connecting at system/manager.Again I connected to that user and tried to create a table.it is displaying the message insufficient priv. this is fine.I want to revoke the drop and alter table priv.from that user also.how to do that
Madhavi
0
Comment
Question by:madhavi_vsr
6 Comments
 
LVL 2

Expert Comment

by:renuraj
ID: 6444757
REVOKE DROP TABLE FROM <user name>;
REVOKE ALTER TABLE FROM <user name>;

Regards
0
 

Expert Comment

by:mareyalare
ID: 6444963
You may also want revoke the privileges on a specific object.
REVOKE DROP TABLE ON <TABLENAME> FROM <USERNAME>;
REVOKE ALTER TABLE ON <TABLENAME> FROM <USERNAME>;
If you use the clause CASCADE CONSTRAINTS, it would drop any referential integrity constraints defined by the user.

Regards

0
 
LVL 3

Expert Comment

by:ramkb
ID: 6445362

Hi,

Just like 'CREATE ANY TABLE' there are 'ALTER ANY TABLE' and 'DROP ANY TABLE' system privileges in Oracle.

You have to connect as SYSTEM (or any DBA USER) and do:
REVOKE ALTER ANY TABLE FROM <USER>;
REVOKE DROP ANY TABLE FROM <USER>;

Cheers,
Ramesh
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 
LVL 6

Accepted Solution

by:
Jankovsky earned 50 total points
ID: 6445390
Hi,
I'm sorry, but it doesn't work.
You can't revoke from user DROP and ALTER its own table.

...ANY TABLE means like operations in another schemas.

Usualy We create two different users: as database objects (tables) owner and second user, who has granted access to owner's objects and specified synonyms.

Regards.
0
 

Author Comment

by:madhavi_vsr
ID: 6447157
hey, this statement
REVOKE DROP TABLE ON <TABLENAME> FROM <USERNAME>;
giving the error
ORA-00990: missing or invalid privilege
ths statement
REVOKE ALTER ANY TABLE FROM <USER>; giving
ORA-01952: system privileges not granted to <user>
0
 

Expert Comment

by:ksskanth
ID: 6449624
Hi

You have given only 2 privilegs

1) Create session
2) Create any table

Also Drop privilege & alter table privilege is given to the user for any table create by him which cannot revoked.

To give only selective privileges create a role with all the privileges and grant that role to the user. Also create table with some other user to make him as owner and give only privileges to other users.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Working with Network Access Control Lists in Oracle 11g (part 1) Part 2: http://www.e-e.com/A_9074.html So, you upgraded to a shiny new 11g database and all of a sudden every program that used UTL_MAIL, UTL_SMTP, UTL_TCP, UTL_HTTP or any oth…
How to Unravel a Tricky Query Introduction If you browse through the Oracle zones or any of the other database-related zones you'll come across some complicated solutions and sometimes you'll just have to wonder how anyone came up with them.  …
Via a live example, show how to take different types of Oracle backups using RMAN.
This video shows how to recover a database from a user managed backup

948 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now