Hi,
I confuse. I had a role named lsc_role with certain object privs. if i
run this query :
select role from dba_role;
ROLE
-----------------------
JAVADEBUGPRIV
EJBCLIENT
JAVA_ADMIN
JAVA_DEPLOY
CTXAPP
XDBADMIN
AUTHENTICATEDUSER
LBAC_DBA
OLAP_DBA
SALES_HISTORY_ROLE
LSC_ROLE
i can see the role exists. but when i try to see the object privs
granted to lsc_role with this query :
SQL> select *
2 From role_tab_privs
3 where role = 'LSC_ROLE';
no rows selected
User who granted LSC_ROLE is still working, mean access is restricted
as what was assigned to this role.
Why i can see the object privs assigned to them in second query?
I granted the role lsc_role to user using id: abc who has dba role.
I wonder is that only grantor can see grantees? Hm.. means, id dba_1
created and granted role_a to user b. When dba_2 run tthis query:
SQL> select *
2 From role_tab_privs
3 where role = 'role_a';
dba_2 will see nothing, am I right?
In this case, which userid is better when dba want to create or
granted a role or role; using a his own id or conn as sysdba?
more confuse now!!
thanz.
regard,
lclim