Revoke grant option from table owner

I have a role engineer1 | No inheritance, Cannot login | member of {priv_app}. The priv_app user ownes the tables in the schema. Users are members of engineer1 by default which only grants them select access. However, there are reasons the user may need to alter tables so they need to elevate their privileges to the priv_app role using set role priv_app. However this gives them the rights of the table's owner. Which is acceptable except that a user can then grant another user DML privileges on any tables.

Is there a away to prevent the table owner from granting privileges? If not what would be the correct way to architect security groups so that users can alter tables but not grant privileges.


Category: security Time: 2016-07-28 Views: 0

Related post

iOS development

Android development

Python development

JAVA development

Development language

PHP development

Ruby development


Front-end development


development tools

Open Platform

Javascript development

.NET development

cloud computing


Copyright (C), All Rights Reserved.

processed in 0.136 (s). 12 q(s)