Privilege evaluation involves analyzing the privileges and roles accorded to a user account or database user within a given time. Users are granted privileges to accomplish the tasks their job requires. However, privileges should be granted only to users who need them for those tasks, as excessive granting could compromise security. To find the system privileges granted to a user, the dictionary views to be queried include:
USER_SYS_PRIVS
USER_SYS_PRIVS lists the system privileges granted to the user.
Column | Datatype | Null | Description |
USERNAME | VARCHAR2(30) | | Name of the user, or PUBLIC |
PRIVILEGE | VARCHAR2(40) | NOT NULL | System privilege |
ADMIN_OPTION | VARCHAR2(3) | | Indicates whether the grant was with the ADMIN option (YES) or not (NO) |
DBA_SYS_PRIVS
Users are granted object privileges visible in DBA_SYS_PRIVS. The object privileges granted are visible through DBA_TAB_PRIVS, while DBA_ROLE_PRIVS shows the granted roles. These roles can be default or non-default and can require a password. Hence, the fact that a user has been granted roles does not necessarily mean that they can use the privileges acquired through those roles by default. Nonetheless, roles can themselves be granted system privileges, additional roles, and object privileges.
DBA_COL_PRIVS
As a DBA, one has access to DBA_COL_PRIVS to view information about the column-level object privileges granted to users. The description below has two columns: the column name and its associated definition.
Column | Definition |
grantee | Database login name or role which received the privilege |
owner | Owner of the table |
table_name | Name of the table |
column_name | Name of the column |
grantor | Database login name of the person granting the privilege |
privilege | System privilege granted to the user |
grantable | Indicates YES if the grantee can pass along the privilege and NO if the grantee cannot pass along the object privilege |
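The views above can be combined into a single privilege review for one account. The following is an added example, not part of the original text: it assumes Oracle 11gR2 or later (recursive WITH), a session that can read the DBA_ views, and a placeholder account name APP_USER.

```sql
-- Added example. 'APP_USER' is a placeholder account name.

-- 1) System privileges held directly and through (nested) roles.
--    ACTIVE_AT_LOGIN is NO when the privilege arrives through a
--    non-default role, which must be enabled with SET ROLE first.
WITH role_tree (granted_role, default_role) AS (
    -- roles granted straight to the account
    SELECT granted_role, default_role
      FROM dba_role_privs
     WHERE grantee = 'APP_USER'
    UNION ALL
    -- roles granted to those roles; inherit the top-level default flag
    SELECT rp.granted_role, rt.default_role
      FROM dba_role_privs rp
      JOIN role_tree rt ON rp.grantee = rt.granted_role
)
SELECT 'DIRECT GRANT'   AS granted_via,
       sp.privilege,
       sp.admin_option,            -- YES: can pass the privilege on
       'YES'            AS active_at_login
  FROM dba_sys_privs sp
 WHERE sp.grantee = 'APP_USER'
UNION ALL
SELECT rt.granted_role,
       sp.privilege,
       sp.admin_option,
       rt.default_role
  FROM role_tree rt
  JOIN dba_sys_privs sp ON sp.grantee = rt.granted_role
 ORDER BY 1, 2;

-- 2) Column-level object privileges the account can pass along.
SELECT owner, table_name, column_name, privilege, grantor
  FROM dba_col_privs
 WHERE grantee   = 'APP_USER'
   AND grantable = 'YES'
 ORDER BY owner, table_name, column_name;
```

Rows with ADMIN_OPTION or GRANTABLE set to YES are the first to review, since they let the account extend its own privileges to others.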