CREATE SESSION 登陸權限,例如sqlplus
SQL> SELECT * FROM SYSTEM_PRIVILEGE_MAP;
PRIVILEGE NAME PROPERTY
---------- ---------------------------------------- ----------
-3 ALTER SYSTEM 0
-4 AUDIT SYSTEM 0
-5 CREATE SESSION 0
-6 ALTER SESSION 0
-7 RESTRICTED SESSION 0
-10 CREATE TABLESPACE 0
-11 ALTER TABLESPACE 0
-12 MANAGE TABLESPACE 0
-13 DROP TABLESPACE 0
-15 UNLIMITED TABLESPACE 0
-20 CREATE USER 0
-21 BECOME USER 0
-22 ALTER USER 0
-23 DROP USER 0
-30 CREATE ROLLBACK SEGMENT 0
-31 ALTER ROLLBACK SEGMENT 0
-32 DROP ROLLBACK SEGMENT 0
-40 CREATE TABLE 0
-41 CREATE ANY TABLE 0
-42 ALTER ANY TABLE 0
-43 BACKUP ANY TABLE 0
-44 DROP ANY TABLE 0
-45 LOCK ANY TABLE 0
-46 COMMENT ANY TABLE 0
-47 SELECT ANY TABLE 0
-48 INSERT ANY TABLE 0
-49 UPDATE ANY TABLE 0
-50 DELETE ANY TABLE 0
-60 CREATE CLUSTER 0
-61 CREATE ANY CLUSTER 0
-62 ALTER ANY CLUSTER 0
-63 DROP ANY CLUSTER 0
-71 CREATE ANY INDEX 0
-72 ALTER ANY INDEX 0
-73 DROP ANY INDEX 0
-80 CREATE SYNONYM 0
-81 CREATE ANY SYNONYM 0
-82 DROP ANY SYNONYM 0
-83 SYSDBA 0
-84 SYSOPER 0
-85 CREATE PUBLIC SYNONYM 0
-86 DROP PUBLIC SYNONYM 0
-90 CREATE VIEW 0
-91 CREATE ANY VIEW 0
-92 DROP ANY VIEW 0
-105 CREATE SEQUENCE 0
-106 CREATE ANY SEQUENCE 0
-107 ALTER ANY SEQUENCE 0
-108 DROP ANY SEQUENCE 0
-109 SELECT ANY SEQUENCE 0
-115 CREATE DATABASE LINK 0
-120 CREATE PUBLIC DATABASE LINK 0
-121 DROP PUBLIC DATABASE LINK 0
-125 CREATE ROLE 0
-126 DROP ANY ROLE 0
-127 GRANT ANY ROLE 0
-128 ALTER ANY ROLE 0
-130 AUDIT ANY 0
-135 ALTER DATABASE 0
-138 FORCE TRANSACTION 0
-139 FORCE ANY TRANSACTION 0
-140 CREATE PROCEDURE 0
-141 CREATE ANY PROCEDURE 0
-142 ALTER ANY PROCEDURE 0
-143 DROP ANY PROCEDURE 0
-144 EXECUTE ANY PROCEDURE 0
-151 CREATE TRIGGER 0
-152 CREATE ANY TRIGGER 0
-153 ALTER ANY TRIGGER 0
-154 DROP ANY TRIGGER 0
-160 CREATE PROFILE 0
-161 ALTER PROFILE 0
-162 DROP PROFILE 0
-163 ALTER RESOURCE COST 0
-165 ANALYZE ANY 0
-167 GRANT ANY PRIVILEGE 0
-172 CREATE MATERIALIZED VIEW 0
-173 CREATE ANY MATERIALIZED VIEW 0
-174 ALTER ANY MATERIALIZED VIEW 0
-175 DROP ANY MATERIALIZED VIEW 0
-177 CREATE ANY DIRECTORY 0
-178 DROP ANY DIRECTORY 0
-180 CREATE TYPE 0
-181 CREATE ANY TYPE 0
-182 ALTER ANY TYPE 0
-183 DROP ANY TYPE 0
-184 EXECUTE ANY TYPE 0
-186 UNDER ANY TYPE 0
-188 CREATE LIBRARY 0
-189 CREATE ANY LIBRARY 0
-190 ALTER ANY LIBRARY 0
-191 DROP ANY LIBRARY 0
-192 EXECUTE ANY LIBRARY 0
-200 CREATE OPERATOR 0
-201 CREATE ANY OPERATOR 0
-202 ALTER ANY OPERATOR 0
-203 DROP ANY OPERATOR 0
PRIVILEGE NAME PROPERTY
---------- ---------------------------------------- ----------
-204 EXECUTE ANY OPERATOR 0
-205 CREATE INDEXTYPE 0
-206 CREATE ANY INDEXTYPE 0
-207 ALTER ANY INDEXTYPE 0
-208 DROP ANY INDEXTYPE 0
-209 UNDER ANY VIEW 0
-210 QUERY REWRITE 0
-211 GLOBAL QUERY REWRITE 0
-212 EXECUTE ANY INDEXTYPE 0
-213 UNDER ANY TABLE 0
-214 CREATE DIMENSION 0
-215 CREATE ANY DIMENSION 0
-216 ALTER ANY DIMENSION 0
-217 DROP ANY DIMENSION 0
-218 MANAGE ANY QUEUE 1
-219 ENQUEUE ANY QUEUE 1
-220 DEQUEUE ANY QUEUE 1
-222 CREATE ANY CONTEXT 0
-223 DROP ANY CONTEXT 0
-224 CREATE ANY OUTLINE 0
-225 ALTER ANY OUTLINE 0
-226 DROP ANY OUTLINE 0
-227 ADMINISTER RESOURCE MANAGER 1
-228 ADMINISTER DATABASE TRIGGER 0
-233 MERGE ANY VIEW 0
-234 ON COMMIT REFRESH 0
-235 EXEMPT ACCESS POLICY 0
-236 RESUMABLE 0
-237 SELECT ANY DICTIONARY 0
-238 DEBUG CONNECT SESSION 0
-241 DEBUG ANY PROCEDURE 0
-243 FLASHBACK ANY TABLE 0
-244 GRANT ANY OBJECT PRIVILEGE 0
-245 CREATE EVALUATION CONTEXT 1
-246 CREATE ANY EVALUATION CONTEXT 1
-247 ALTER ANY EVALUATION CONTEXT 1
-248 DROP ANY EVALUATION CONTEXT 1
-249 EXECUTE ANY EVALUATION CONTEXT 1
-250 CREATE RULE SET 1
-251 CREATE ANY RULE SET 1
-252 ALTER ANY RULE SET 1
-253 DROP ANY RULE SET 1
-254 EXECUTE ANY RULE SET 1
-255 EXPORT FULL DATABASE 0
-256 IMPORT FULL DATABASE 0
-257 CREATE RULE 1
-258 CREATE ANY RULE 1
-259 ALTER ANY RULE 1
-260 DROP ANY RULE 1
-261 EXECUTE ANY RULE 1
-262 ANALYZE ANY DICTIONARY 0
-263 ADVISOR 0
-264 CREATE JOB 0
-265 CREATE ANY JOB 0
-266 EXECUTE ANY PROGRAM 0
-267 EXECUTE ANY CLASS 0
-268 MANAGE SCHEDULER 0
-269 SELECT ANY TRANSACTION 0
-270 DROP ANY SQL PROFILE 0
-271 ALTER ANY SQL PROFILE 0
-272 ADMINISTER SQL TUNING SET 0
-273 ADMINISTER ANY SQL TUNING SET 0
-274 CREATE ANY SQL PROFILE 0
-275 EXEMPT IDENTITY POLICY 0
-276 MANAGE FILE GROUP 1
-277 MANAGE ANY FILE GROUP 1
-278 READ ANY FILE GROUP 1
-279 CHANGE NOTIFICATION 0
-280 CREATE EXTERNAL JOB 0
-281 CREATE ANY EDITION 0
-282 DROP ANY EDITION 0
-283 ALTER ANY EDITION 0
-284 CREATE ASSEMBLY 0
-285 CREATE ANY ASSEMBLY 0
-286 ALTER ANY ASSEMBLY 0
-287 DROP ANY ASSEMBLY 0
-288 EXECUTE ANY ASSEMBLY 0
-289 EXECUTE ASSEMBLY 0
-290 CREATE MINING MODEL 0
-291 CREATE ANY MINING MODEL 0
-292 DROP ANY MINING MODEL 0
-293 SELECT ANY MINING MODEL 0
-294 ALTER ANY MINING MODEL 0
-295 COMMENT ANY MINING MODEL 0
-301 CREATE CUBE DIMENSION 0
-302 ALTER ANY CUBE DIMENSION 0
-303 CREATE ANY CUBE DIMENSION 0
-304 DELETE ANY CUBE DIMENSION 0
-305 DROP ANY CUBE DIMENSION 0
-306 INSERT ANY CUBE DIMENSION 0
-307 SELECT ANY CUBE DIMENSION 0
-308 CREATE CUBE 0
-309 ALTER ANY CUBE 0
-310 CREATE ANY CUBE 0
-311 DROP ANY CUBE 0
-312 SELECT ANY CUBE 0
-313 UPDATE ANY CUBE 0
PRIVILEGE NAME PROPERTY
---------- ---------------------------------------- ----------
-314 CREATE MEASURE FOLDER 0
-315 CREATE ANY MEASURE FOLDER 0
-316 DELETE ANY MEASURE FOLDER 0
-317 DROP ANY MEASURE FOLDER 0
-318 INSERT ANY MEASURE FOLDER 0
-319 CREATE CUBE BUILD PROCESS 0
-320 CREATE ANY CUBE BUILD PROCESS 0
-321 DROP ANY CUBE BUILD PROCESS 0
-322 UPDATE ANY CUBE BUILD PROCESS 0
-326 UPDATE ANY CUBE DIMENSION 0
-327 ADMINISTER SQL MANAGEMENT OBJECT 0
-328 ALTER PUBLIC DATABASE LINK 0
-329 ALTER DATABASE LINK 0
-350 FLASHBACK ARCHIVE ADMINISTER 0
208 rows selected.
SELECT * FROM TABLE_PRIVILEGES; SELECT * FROM DBA_TAB_PRIVS;
select * from dict where table_name like '%PRIV%';
SELECT grantee,privilege,admin_option FROM dba_sys_privs WHERE grantee IN ('SCOTT','SYS','SYSTEM') ORDER BY grantee;
SQL> SELECT grantee,privilege,admin_option FROM dba_sys_privs WHERE grantee IN ('SCOTT','SYS','SYSTEM') ORDER BY grantee;
GRANTEE PRIVILEGE ADM
------------------------------ ---------------------------------------- ---
SCOTT UNLIMITED TABLESPACE NO
SYS ADMINISTER ANY SQL TUNING SET NO
SYS ADMINISTER DATABASE TRIGGER NO
SYS ADMINISTER RESOURCE MANAGER NO
SYS ADMINISTER SQL MANAGEMENT OBJECT NO
SYS ADMINISTER SQL TUNING SET NO
SYS ADVISOR NO
SYS ALTER ANY ASSEMBLY NO
SYS ALTER ANY CLUSTER NO
SYS ALTER ANY CUBE NO
SYS ALTER ANY CUBE DIMENSION NO
SYS ALTER ANY DIMENSION NO
SYS ALTER ANY EDITION NO
SYS ALTER ANY EVALUATION CONTEXT YES
SYS ALTER ANY INDEX NO
SYS ALTER ANY INDEXTYPE NO
SYS ALTER ANY LIBRARY NO
SYS ALTER ANY MATERIALIZED VIEW NO
SYS ALTER ANY MINING MODEL NO
SYS ALTER ANY OPERATOR NO
SYS ALTER ANY OUTLINE NO
SYS ALTER ANY PROCEDURE NO
SYS ALTER ANY ROLE NO
SYS ALTER ANY RULE YES
SYS ALTER ANY RULE SET YES
SYS ALTER ANY SEQUENCE NO
SYS ALTER ANY SQL PROFILE NO
SYS ALTER ANY TABLE NO
SYS ALTER ANY TRIGGER NO
SYS ALTER ANY TYPE NO
SYS ALTER DATABASE NO
SYS ALTER PROFILE NO
SYS ALTER RESOURCE COST NO
SYS ALTER ROLLBACK SEGMENT NO
SYS ALTER SESSION NO
SYS ALTER SYSTEM NO
SYS ALTER TABLESPACE NO
SYS ALTER USER NO
SYS ANALYZE ANY NO
SYS AUDIT ANY NO
SYS AUDIT SYSTEM NO
SYS BACKUP ANY TABLE NO
SYS BECOME USER NO
SYS CHANGE NOTIFICATION NO
SYS COMMENT ANY MINING MODEL NO
SYS COMMENT ANY TABLE NO
SYS CREATE ANY ASSEMBLY NO
SYS CREATE ANY CLUSTER NO
SYS CREATE ANY CONTEXT NO
SYS CREATE ANY CUBE NO
SYS CREATE ANY CUBE BUILD PROCESS NO
SYS CREATE ANY CUBE DIMENSION NO
SYS CREATE ANY DIMENSION NO
SYS CREATE ANY DIRECTORY NO
SYS CREATE ANY EDITION NO
SYS CREATE ANY EVALUATION CONTEXT YES
SYS CREATE ANY INDEX NO
SYS CREATE ANY INDEXTYPE NO
SYS CREATE ANY JOB NO
SYS CREATE ANY LIBRARY NO
SYS CREATE ANY MATERIALIZED VIEW NO
SYS CREATE ANY MEASURE FOLDER NO
SYS CREATE ANY MINING MODEL NO
SYS CREATE ANY OPERATOR NO
SYS CREATE ANY OUTLINE NO
SYS CREATE ANY PROCEDURE NO
SYS CREATE ANY RULE YES
SYS CREATE ANY RULE SET YES
SYS CREATE ANY SEQUENCE NO
SYS CREATE ANY SQL PROFILE NO
SYS CREATE ANY SYNONYM NO
SYS CREATE ANY TABLE NO
SYS CREATE ANY TRIGGER NO
SYS CREATE ANY TYPE NO
SYS CREATE ANY VIEW NO
SYS CREATE ASSEMBLY NO
SYS CREATE CLUSTER NO
SYS CREATE CUBE NO
SYS CREATE CUBE BUILD PROCESS NO
SYS CREATE CUBE DIMENSION NO
SYS CREATE DATABASE LINK NO
SYS CREATE DIMENSION NO
SYS CREATE EVALUATION CONTEXT YES
SYS CREATE EXTERNAL JOB NO
SYS CREATE INDEXTYPE NO
SYS CREATE JOB NO
SYS CREATE LIBRARY NO
SYS CREATE MATERIALIZED VIEW NO
SYS CREATE MEASURE FOLDER NO
SYS CREATE MINING MODEL NO
SYS CREATE OPERATOR NO
SYS CREATE PROCEDURE NO
SYS CREATE PROFILE NO
SYS CREATE PUBLIC DATABASE LINK NO
SYS CREATE PUBLIC SYNONYM NO
SYS CREATE ROLE NO
SYS CREATE ROLLBACK SEGMENT NO
GRANTEE PRIVILEGE ADM
------------------------------ ---------------------------------------- ---
SYS CREATE RULE YES
SYS CREATE RULE SET YES
SYS CREATE SEQUENCE NO
SYS CREATE SESSION NO
SYS CREATE SYNONYM NO
SYS CREATE TABLE NO
SYS CREATE TABLESPACE NO
SYS CREATE TRIGGER NO
SYS CREATE TYPE NO
SYS CREATE USER NO
SYS CREATE VIEW NO
SYS DEBUG ANY PROCEDURE NO
SYS DEBUG CONNECT SESSION NO
SYS DELETE ANY CUBE DIMENSION NO
SYS DELETE ANY MEASURE FOLDER NO
SYS DELETE ANY TABLE NO
SYS DEQUEUE ANY QUEUE YES
SYS DROP ANY ASSEMBLY NO
SYS DROP ANY CLUSTER NO
SYS DROP ANY CONTEXT NO
SYS DROP ANY CUBE NO
SYS DROP ANY CUBE BUILD PROCESS NO
SYS DROP ANY CUBE DIMENSION NO
SYS DROP ANY DIMENSION NO
SYS DROP ANY DIRECTORY NO
SYS DROP ANY EDITION NO
SYS DROP ANY EVALUATION CONTEXT YES
SYS DROP ANY INDEX NO
SYS DROP ANY INDEXTYPE NO
SYS DROP ANY LIBRARY NO
SYS DROP ANY MATERIALIZED VIEW NO
SYS DROP ANY MEASURE FOLDER NO
SYS DROP ANY MINING MODEL NO
SYS DROP ANY OPERATOR NO
SYS DROP ANY OUTLINE NO
SYS DROP ANY PROCEDURE NO
SYS DROP ANY ROLE NO
SYS DROP ANY RULE YES
SYS DROP ANY RULE SET YES
SYS DROP ANY SEQUENCE NO
SYS DROP ANY SQL PROFILE NO
SYS DROP ANY SYNONYM NO
SYS DROP ANY TABLE NO
SYS DROP ANY TRIGGER NO
SYS DROP ANY TYPE NO
SYS DROP ANY VIEW NO
SYS DROP PROFILE NO
SYS DROP PUBLIC DATABASE LINK NO
SYS DROP PUBLIC SYNONYM NO
SYS DROP ROLLBACK SEGMENT NO
SYS DROP TABLESPACE NO
SYS DROP USER NO
SYS ENQUEUE ANY QUEUE YES
SYS EXECUTE ANY ASSEMBLY NO
SYS EXECUTE ANY CLASS NO
SYS EXECUTE ANY EVALUATION CONTEXT YES
SYS EXECUTE ANY INDEXTYPE NO
SYS EXECUTE ANY LIBRARY NO
SYS EXECUTE ANY OPERATOR NO
SYS EXECUTE ANY PROCEDURE NO
SYS EXECUTE ANY PROGRAM NO
SYS EXECUTE ANY RULE YES
SYS EXECUTE ANY RULE SET YES
SYS EXECUTE ANY TYPE NO
SYS EXECUTE ASSEMBLY NO
SYS EXPORT FULL DATABASE NO
SYS FLASHBACK ANY TABLE NO
SYS FLASHBACK ARCHIVE ADMINISTER NO
SYS FORCE ANY TRANSACTION NO
SYS FORCE TRANSACTION NO
SYS GLOBAL QUERY REWRITE NO
SYS GRANT ANY OBJECT PRIVILEGE NO
SYS GRANT ANY PRIVILEGE NO
SYS GRANT ANY ROLE NO
SYS IMPORT FULL DATABASE NO
SYS INSERT ANY CUBE DIMENSION NO
SYS INSERT ANY MEASURE FOLDER NO
SYS INSERT ANY TABLE NO
SYS LOCK ANY TABLE NO
SYS MANAGE ANY FILE GROUP NO
SYS MANAGE ANY QUEUE YES
SYS MANAGE FILE GROUP NO
SYS MANAGE SCHEDULER NO
SYS MANAGE TABLESPACE NO
SYS MERGE ANY VIEW NO
SYS ON COMMIT REFRESH NO
SYS QUERY REWRITE NO
SYS READ ANY FILE GROUP NO
SYS RESTRICTED SESSION NO
SYS RESUMABLE NO
SYS SELECT ANY CUBE NO
SYS SELECT ANY CUBE DIMENSION NO
SYS SELECT ANY MINING MODEL NO
SYS SELECT ANY SEQUENCE NO
SYS SELECT ANY TABLE YES
SYS SELECT ANY TRANSACTION NO
SYS UNDER ANY TABLE NO
GRANTEE PRIVILEGE ADM
------------------------------ ---------------------------------------- ---
SYS UNDER ANY TYPE NO
SYS UNDER ANY VIEW NO
SYS UNLIMITED TABLESPACE NO
SYS UPDATE ANY CUBE NO
SYS UPDATE ANY CUBE BUILD PROCESS NO
SYS UPDATE ANY CUBE DIMENSION NO
SYS UPDATE ANY TABLE NO
SYSTEM CREATE MATERIALIZED VIEW NO
SYSTEM CREATE TABLE NO
SYSTEM GLOBAL QUERY REWRITE NO
SYSTEM SELECT ANY TABLE NO
SYSTEM UNLIMITED TABLESPACE YES
206 rows selected.
select grantee,privilege,admin_option from dba_sys_privs where grantee in ('SCOTT','SYS') and privilege = 'EXECUTE ANY PROCEDURE' order by grantee;
SQL> select grantee,privilege,admin_option from dba_sys_privs where grantee in ('SCOTT','SYS') and privilege = 'EXECUTE ANY PROCEDURE' order by grantee;
GRANTEE PRIVILEGE ADM
------------------------------ ---------------------------------------- ---
SYS EXECUTE ANY PROCEDURE NO
授予DBA權限,不限制的表空間,查詢任何表,查詢任何字典
grant dba to neo; grant unlimited tablespace to neo; grant select any table to neo; grant select any dictionary to neo;
Granting and Revoking SYSDBA and SYSOPER Privileges
If your server is using an EXCLUSIVE password file, use the GRANT statement to grant the SYSDBA or SYSOPER system privilege to a user, as shown in the following example: GRANT SYSDBA TO user; Use the REVOKE statement to revoke the SYSDBA or SYSOPER system privilege from a user, as shown in the following example: REVOKE SYSDBA FROM user;
SYSDBA, SYSOPER, SYSASM
REVOKE SYSOPER FROM non-SYS-user; GRANT SYSOPER TO non-SYS-user;