This content has been marked as final. Show 2 replies
purely out of the top of my head this makes perfect sense from a security perspective, since when you apply
a policy we need to invalidate all existing cursors referencing the object, remember security policies are applied
at parse time, for example adding restricting predicates, by invalidating the entire chain we make sure existing
cursors can no longer be used that could potentially bypass the new security enforcment of your policy.
Please note we are currently actively promoting the new support communities also, so if you want to get some
feedback from your peers as well as the attention of Oracle support engineers, please go to
This will put you in the Database Products Security community , but you can select others also from the left,
Harm ten Napel
Altering/adding/dropping a policy on a synonym updates the corresponding row cache and library cache entries for the synonym and it invalidates all objects dependent on the synonym. If the dependency chain is not very deep, the problem can be ignored ,on subsequent access the dependent objects are validated transparently.
To avoid such issue you can apply policy directly on the base table.