Understanding the limitations of separating the Oracle schema owner versus an oracle user of schema
Posted on 2014-11-06
I am trying to find a list of operations / tasks that an oracle schema owner can do that cannot be done by another oracle user (not a sysdba) without giving them some super privileges. I am not just talking about a simple granting select, insert, update, delete, execute on an schema object to a user
For example, the TRUNCATE TABLE command. Easily done by schema owner, but not available to another oracle user unless you grant that user 'DROP ANY TABLE'.
Our security group is looking at restricting access by this method and I need to give my vendors of various applications an idea where this paradigm may break their app.