madhavi_vsr
asked on
revoking drop/alter table privileges from a user
Dear Experts,I have created a user and granted the create session,create any table priv.i assigned default tablespace system quota 50m for this user.I connected to that user and tried to create a table .it created a table.I revoked create any table priv. from that user by connecting at system/manager.Again I connected to that user and tried to create a table.it is displaying the message insufficient priv. this is fine.I want to revoke the drop and alter table priv.from that user also.how to do that
Madhavi
Madhavi
You may also want revoke the privileges on a specific object.
REVOKE DROP TABLE ON <TABLENAME> FROM <USERNAME>;
REVOKE ALTER TABLE ON <TABLENAME> FROM <USERNAME>;
If you use the clause CASCADE CONSTRAINTS, it would drop any referential integrity constraints defined by the user.
Regards
REVOKE DROP TABLE ON <TABLENAME> FROM <USERNAME>;
REVOKE ALTER TABLE ON <TABLENAME> FROM <USERNAME>;
If you use the clause CASCADE CONSTRAINTS, it would drop any referential integrity constraints defined by the user.
Regards
Hi,
Just like 'CREATE ANY TABLE' there are 'ALTER ANY TABLE' and 'DROP ANY TABLE' system privileges in Oracle.
You have to connect as SYSTEM (or any DBA USER) and do:
REVOKE ALTER ANY TABLE FROM <USER>;
REVOKE DROP ANY TABLE FROM <USER>;
Cheers,
Ramesh
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
hey, this statement
REVOKE DROP TABLE ON <TABLENAME> FROM <USERNAME>;
giving the error
ORA-00990: missing or invalid privilege
ths statement
REVOKE ALTER ANY TABLE FROM <USER>; giving
ORA-01952: system privileges not granted to <user>
REVOKE DROP TABLE ON <TABLENAME> FROM <USERNAME>;
giving the error
ORA-00990: missing or invalid privilege
ths statement
REVOKE ALTER ANY TABLE FROM <USER>; giving
ORA-01952: system privileges not granted to <user>
Hi
You have given only 2 privilegs
1) Create session
2) Create any table
Also Drop privilege & alter table privilege is given to the user for any table create by him which cannot revoked.
To give only selective privileges create a role with all the privileges and grant that role to the user. Also create table with some other user to make him as owner and give only privileges to other users.
You have given only 2 privilegs
1) Create session
2) Create any table
Also Drop privilege & alter table privilege is given to the user for any table create by him which cannot revoked.
To give only selective privileges create a role with all the privileges and grant that role to the user. Also create table with some other user to make him as owner and give only privileges to other users.
REVOKE ALTER TABLE FROM <user name>;
Regards