After a dbms_redact.add_policy, the user A is able to query the sensitive data without redaction if the user executes dynamic SQL, but see the redacted (masked) data if executes the query through a package. After the recompilation of the package the user see the sensitive data without redaction from both ways.
So, after the add_policy and before the recompilation, the user A is incorrectly viewing the redacted data
As far as I know, this behaviour is not documented, and I did'n expect package recompilation to be necessary
Can this behaviour be considered as bug or maybe a misdocumented issue ?