DBAsupport.com Forums - Powered by vBulletin
Results 1 to 4 of 4

Thread: Revoking privledge on a synonym

  1. #1
    Join Date
    Feb 2001
    Posts
    99

    Revoking privledge on a synonym

    Good Morning Gurus.

    Am setting up a restricted role but have hit a snag in that there are a few public synonyms that point to objects I don't want the role to see. Have not found a way yet to revoke the select privledge via this synonym. I have revoked ALL on the object in question to the user and the role, but they can still DESC and SELECT from the object.

    Any thoughts?
    Tks
    Bob

  2. #2
    Join Date
    Jan 2002
    Location
    Up s**t creek
    Posts
    1,525
    The synonym has nothing to do with privileges on the undelying object, even if there is a public synonym if the user does not have either explict privileges or privileges granted via a role they will not be able to read the contents of the table.

    If you can still select from the table, I would suggest that you look carefully at the privileges assigned to the role and to the user.

    HTH
    Jim
    Oracle Certified Professional
    "Build your reputation by helping other people build theirs."

    "Sarcasm may be the lowest form of wit but its still funny"

    Click HERE to vist my website!

  3. #3
    Join Date
    Feb 2001
    Posts
    99
    When I created the role, I gave privledges on 18 objects only. I then created the users and assigned them the role. However, they can immediately desc and select from objects which I did not grant them privledges.

    Maybee this is a different issue. As a DBA-lvl user, I revoked all privledges on an object I did not own. However, in dba_tab_privs, there is an entry granting select on the object to PUBLIC.

    Will try revoking as the object owner.

  4. #4
    Join Date
    Feb 2001
    Posts
    99
    I think what is killing me is the fact that in dba_tab_privs there is an entry granting select on the object to public. I have revoked privledges to the object as the object owner but the user still has access to the table.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  


Click Here to Expand Forum to Full Width