This content has been marked as final. Show 4 replies
but remember this will grant execute permission for all the objects to which this permission could be applied not just for the stored procedures but the scalar and aggregate functions, synonyms and CLR types too, so can be expensive in some siutations.
A number of enhancement requests already exist in our bugdp repository about this issue :
Bug 1245948: IMPLEMENT DB2-TYPE LIKE SCHEMA PRIVILEGES
(I closed a number of duplicate request also with this one as base bug)
This enhancement is currently not implemented and security product management may also not be willing
to do so. Since you literally mentioned it would be 'nice to have' that is exactly the sort of requirement
we do NOT implement! We prioritize enhancements based on business needs and also taking certain
factors into account about the cost and return and issues of code stability.
About your final comment: when you have different applications in the same instance and want to keep users
separate, you can hand-out a number of ANY type privileges and also restrict users from seeing other application data
by using Database Vault realms for each distinct application.
Please note we are currently actively promoting the new support communities also, so if you want to get some
feedback from your peers as well as the attention of Oracle support engineers, please go to
This will put you in the Database Products Security community , but you can select others also from the left,
Harm ten Napel
In 2012 doing more with less this is really a requirement.
My bad on must making it sound like a wish.
With 12C on the horizon and pushing for the CLOUD I would think that Oracle Hosting might be putting different customers in the same instance. This would enhance their TCO as well.
It is a nice bit of work when you add a table to a schema and have to go back with grants though we have scripts it is something the people coming over from SQL Server or DB2 have a hard time grasping initially