There is a pseudo-user in oracle called PUBLIC.
Any privileges granted to PUBLIC have, in effect, been granted to every user; every account you create will have access to these privileges.
By default, the public user has a large number of privileges. In particular, he has execute
permission on a number of PL/SQL utility packages.
To know on which table PUBLIC has the select privilege execute the query,
select table_name from dba_tab_privs where grantee='PUBLIC' and privilege='SELECT';
Workaround Example:
------------------------
1)Create user and connect with the user and it will fail.
SQL> conn arju/arju
Connected.
SQL> create user t identified by t;
User created.
SQL> conn t/t
ERROR:
ORA-01045: user T lacks CREATE SESSION privilege; logon denied
Warning: You are no longer connected to ORACLE.
2)Grant create session to Public and you will see conn t/t works.
SQL> conn arju/arju
Connected.
SQL> grant create session to public;
Grant succeeded.
SQL> conn t/t;
Connected.
3)Revoke create session from t and then again try to connect as t user.
SQL> conn arju/arju
Connected.
SQL> revoke create session from public;
Revoke succeeded.
SQL> conn t/t;
ERROR:
ORA-01045: user T lacks CREATE SESSION privilege; logon denied
Warning: You are no longer connected to ORACLE.
As the create session privilege was granted to PUBLIC so conn t/t worked and again whenever it revoked conn t/t fails.
You should explicitly grant create session privilege to the user rather giving through PUBLIC. Like,
GRANT CREATE SESSION TO T;
No comments:
Post a Comment