Revoke grant option from table owner

I have a role engineer1 | No inheritance, Cannot login | member of {priv_app}. The priv_app user ownes the tables in the schema. Users are members of engineer1 by default which only grants them select access. However, there are reasons the user may need to alter tables so they need to elevate their privileges to the priv_app role using set role priv_app. However this gives them the rights of the table's owner. Which is acceptable except that a user can then grant another user DML privileges on any tables.

Is there a away to prevent the table owner from granting privileges? If not what would be the correct way to architect security groups so that users can alter tables but not grant privileges.


Category: security Time: 2016-07-28 Views: 0

Related post

  • MySQL - How to handle revoking access to specific tables across multiple databases and users? 2016-07-28

    I work for an enterprise software company that provides clients with a complex and robust management system that is essentially a LAMP application. I'm on a IT/Ops small team (theres less than 5 of us) and we handle all of the network, system, and da

  • Revoke delete from table for database owner 2014-09-26

    I am trying to revoke the DELETE privilege on a table for a database owner. I execute the command: REVOKE DELETE on my_table FROM database_owner; But when querying this via SELECT has_table_privilege('users','delete'); I get true returned and am able

  • Teradata 15: Failed [5315 : HY000] An owner referenced by user does not have SELECT WITH GRANT OPTION access to DBC.RoleMembersV.RoleName 2016-02-04

    I am using Teradata 15. Using a powerful database user sysdba, I created the following view: REPLACE VIEW DBA_TABLES_TEST.ROLE_ALL_APP_USERS AS SELECT A.ROLENAME FROM DBC.ROLEMEMBERSV A WHERE A.ROLENAME LIKE 'TG%'; I got the following errors: Execute

  • SQL Server - How to grant SELECT permission on View that access data in schemas from differents owners? 2016-07-06

    I need help to deal with a problem about permissions in my database. This is the scenario: 1 Database 4 Schemas: schemaA; owner dbo schemaB; owner ownerX schemaC; owner ownerX schemaD; owner ownerX In schemaD I have a view named viewABC, that get inf

  • populate select options from extra mysql table data 2012-08-11

    hi guys i am trying to populate a select element with options from the data in one of my sql tables heres what i have so far: <? $SQL = "SELECT * FROM pt_country ORDER BY name"; $rs = $wpdb->query($SQL); $nr = mysql_num_rows($rs); for ($i=

  • What is the meaning of "select * from relational(owner.table)"? 2013-07-18

    We recently got some errors in our alert log of the form 301598: Tue Jul 16 03:58:29 2013 301599: ORA-01555 caused by SQL statement below 301600: SELECT * FROM RELATIONAL(<owner>.<table>) I know how to handle ORA-01555 errors, but I never enco

  • Unable to grant permission on table 2015-05-15

    I've been given credentials to a postgres database that I'm told it has privileges to create new users and grant them access to tables. This is half true. I wish to create a new user: create user foo login encrypted password 'bar'; commit; This is OK

  • Methods of speeding up a huge DELETE FROM table with no clauses 2011-03-15

    Using SQL Server 2005. I am performing a huge DELETE FROM with no where clauses. It's basically equivalent to a TRUNCATE TABLE statement - except I'm not allowed to use TRUNCATE. The problem is the table is huge - 10 million rows, and it takes over a

  • How to know how many lines are copied from table - psql 2012-03-11

    I want to write a script to backup a table using COPY. psql "connection parameters" -c "COPY (SELECT * FROM tbl WHERE insertion_date > 'date') TO STDOUT WITH CSV HEADER;" | bzip2 -c > backup.csv.bz2 Now I want to log how many lin

  • MySQL Mistake with GRANT OPTION 2013-10-20

    I am unsure reading the MySQL documentation if creating a user with the GRANT option will give them the power to create users and grant privileges, or change the privileges of other users databases. I have been creating databases for users like this

  • Confused by GRANT ALL PRIVILEGES ON *.* (-) WITH GRANT OPTION 2015-06-19

    Normally I manage users on my databases via phpMyAdmin, but since I do everything else in standalone programs such as SQLyog or HeidiSQL, I wanted the ability to manage users remotely from these programs. The remote user already had SUPER because it

  • Remove cite from table of contents 2011-05-17

    I want to put a citation in the section title \section{AAAB \cite{KK} } But i only want this cite to appear in the text but not on the page of contents. How to remove cite from table of contents ? --------------Solutions------------- Use the optional

  • Remove filter and view options from custom post type edit screen 2011-05-26

    I have my CPT edit screen almost looking how I want it but want to remove the filter and view options from this screen as they are not needed for this interface. How do I remove them? Are there any filters that disable them? My edit screen has got to

  • remove colon from table name 2011-09-12

    I'm using two-column article document class. Long table Name is displayed in the following format: Table 1: table caption goes here. But I want to change in this way: Table 1 table caption goes here on the other words, I want to remove colon (:). How

  • remove admin bar show hide option from profile settings 2012-06-05

    Do not misunderstood. I am trying to remove/disable Show toolbar option (not talking about hide/disable admin bar) but talking about The Option into Profile Settings. I tried to search but in all I found only how to disable admin bar from front and b

  • Allow underscore in PGFPlots tick labels read from table 2013-02-07

    I'm trying to use the text data from a table column as the tick labels in a plot. The text data contains underscores, which makes LaTeX throw a Missing $ inserted error. I'd usually get around this by loading the underscore package, and that works fi

  • Approaches for deleting unnecessary records from tables 2013-05-21

    We have a database which stores the temperatures of 20 thermometer every 7 seconds. We want to delete all records in the way that every minute holds just one tempereature instead of 8 which are older than 3 months. I was planning to do it as follows

  • How to change format of xticklabel when loaded from table 2013-06-29

    I have the following code \documentclass[tikz]{standalone} \usepackage{pgfplots} \usepackage{pgfplotstable} \usepackage{filecontents} \begin{filecontents}{testdata.dat} 6.3e-05 0.8767984145412976 0.6 0.000125 12.85965577546382 9.970000000000001 0.000

  • Want to create select option from Apex 2013-08-08

    I am trying to create a table from apex according to the no of rows and columns entered on the Vf page the apex code will generate a table. This much is working fine. Now i need to add a select option in every columns. I wrote the code for it but the

iOS development

Android development

Python development

JAVA development

Development language

PHP development

Ruby development


Front-end development


development tools

Open Platform

Javascript development

.NET development

cloud computing


Copyright (C), All Rights Reserved.

processed in 1.360 (s). 13 q(s)