Database Administration (MOSC)

MOSC Banner

Execute privilege via role

edited Nov 7, 2019 6:12PM in Database Administration (MOSC) 3 commentsAnswered ✓

I can't seem to find a clear answer to this question. I understand definer vs invoker rights with regards to packages/procedures, and the fact that Oracle will ignore roles when determining access to objects used in the procedure. But what about the EXECUTE privilege itself? I'll give you an example:

User A owns tables used in a package that it also owns. The package was created with definer rights.

User B does not have any grants against tables owned by User A, but does have EXECUTE on User A's package.

In this case, User B can execute Users A's package with no issues.

Howdy, Stranger!

Log In

To view full details, sign in to My Oracle Support Community.

Register

Don't have a My Oracle Support Community account? Click here to get started.

Category Leaderboard

Top contributors this month

Instructions for posting

×

1. Select a discussion category from the picklist.


2. Enter a title that clearly identifies the subject of your question.


3. In the body, insert detailed information, including Oracle product and version.


Please abide by the Oracle Community guidelines and refrain from posting any customer or personally identifiable information (PI/CI).


Cloud / Fusion customers - Our Cloud community has moved! Please go to Cloud Customer Connect .


New to My Oracle Support Community? Visit our Welcome Center

MOSC Help Center