René Nyffenegger's collection of things on the web
René Nyffenegger on Oracle - Most wanted - Feedback -

System privileges [Oracle]

The following system privileges can be granted to users and roles.

administer any sql tuning set

administer database trigger

administer resource manager

administer sql tuning set


alter any cluster

alter any dimension

alter any evaluation context

alter any index

alter any indextype

alter any library

alter any materialized view

alter any operator

alter any outline

alter any procedure

alter any role

alter any rule

alter any rule set

alter any sequence

alter any sql profile

alter any table

alter any trigger

alter any type

alter database

alter profile

alter resource cost

alter rollback segment

alter session

alter system

alter tablespace

alter user

analyze any

analyze any dictionary

audit any

audit system

backup any table

become user

change notification

comment any table

create any cluster

create any context

create any dimension

create any directory

create any evaluation context

create any index

create any indextype

create any job

create any library

create any materialized view

create any operator

create any outline

create any procedure

create any rule

create any rule set

create any sequence

create any sql profile

create any synonym

create any table

create any trigger

create any type

create any view

create cluster

create database link

create dimension

create evaluation context

create external job

create indextype

create job

create library

create materialized view

create operator

create procedure

create profile

create public database link

create public synonym

create role

create rollback segment

create rule

create rule set

create sequence

create session

Needed to create a session. Oracle throws a ORA-01045 if this privilege is missing when someone tries to connect to a database (unless the user is a proxy user)

create synonym

create table

create tablespace

create trigger

create type

create user

create view

debug any procedure

debug connect session

delete any table

dequeue any queue

drop any cluster

drop any context

drop any dimension

drop any directory

drop any evaluation context

drop any index

drop any indextype

drop any library

drop any materialized view

drop any operator

drop any outline

drop any procedure

drop any role

drop any rule

drop any rule set

drop any sequence

drop any sql profile

drop any synonym

drop any table

drop any trigger

drop any type

drop any view

drop profile

drop public database link

drop public synonym

drop rollback segment

drop tablespace

drop user

enqueue any queue

execute any class

execute any evaluation context

execute any indextype

execute any library

execute any operator

execute any procedure

execute any program

execute any rule

execute any rule set

execute any type

exempt access policy

exempt identity policy

export full database

flashback any table

force any transaction

force transaction

global query rewrite

grant any object privilege

grant any privilege

grant any role

import full database

insert any table

lock any table

manage any file group

manage any queue

manage file group

manage scheduler

manage tablespace

merge any view

on commit refresh

query rewrite

read any file group

restricted session

This privilege is needed to connect to the database while the instance is in restriced mode.


select any dictionary

select any sequence

select any table

select any transaction

Needed for transaction queries and ....? not yet finished


See this link.


under any table

under any type

under any view

unlimited tablespace

update any table