Validating sql privileges
Because these privileges allow other users to alter or create dependencies on a table, you should grant privileges conservatively.
A user attempting to perform a DDL operation on a table may need additional system or object privileges.
The procedure's owner must have all the necessary object privileges for referenced objects.
Fewer privileges have to be granted to users of a definer-rights procedure, resulting in tighter control of database access.
To create a view, you must meet the following requirements: To use a view, you require appropriate privileges only for the view itself.
You do not require privileges on base objects underlying the view.
A schema object and its synonym are equivalent with respect to privileges.
That is, the object privileges granted for a table, view, sequence, procedure, function, or package apply whether referencing the base object by name or using a synonym.
For example, the privileges to create tablespaces and to delete the rows of any table in a database are system privileges. You can grant or revoke system privileges to users and roles.You can use definer-rights procedures to control access to private database objects and add a level of database security.By writing a definer-rights procedure and granting only privilege to a user, the user can be forced to access the referenced objects only through the procedure.For example, assume there is a table If a synonym is dropped, all grants for the underlying schema object remain in effect, even if the privileges were granted by specifying the dropped synonym.Schema object privileges can be granted to and revoked from users and roles.