Hi,
Though I am not any DBA, I have a question on granting permissions. Our oracle guy told that he is not aware of granting permission to the schema. Right now he is giving permission to the tables individually. I was wondering is it not possible to give READ permission at schema level so that even a new table is created under that schema, it inherits permissions set at schema level to the user.

regards

I believe your DBA is correct. Permissions must be granted to each table individually. This only has to be done one time, and that is whenever a new table and index is created. It occurs to me that Baan grants Oracle permissions when it creates new tables. If a database role is used, then permission is extended to new users that have that been given access to that role in Oracle. Now Baan has a whole different level of security in it's data dictionary. In that realm it is possible to restrict various levels of access to a user, or group of users for any number of tables. But, it comes at a cost of more system overhead.

Gilbert Guymer
Database Administrator
Lufkin Industries, Inc.

Yes, that is correct. If you examine the role r_baan in Oracle you will see that it holds SELECT, INSERT, UPDATE, DELETE grants for each individual Baan table.