Search notes:

Oracle: System privileges

Show granted system privileges

The users and roles to whom system privileges were granted can be queried from dba_sys_privs.

Selecting all available system privileges

The available system privleges can be queried from system_privilege_map (which is created and populated by the dsec.bsq installation script. 
select
   name,
   property,
   privilege
from
   system_privilege_map
order by
   name;
Comment
ADMINISTER ANY SQL TUNING SET 0 -273
ADMINISTER DATABASE TRIGGER 0 -228
ADMINISTER KEY MANAGEMENT 0 -343
ADMINISTER RESOURCE MANAGER 1 -227
ADMINISTER SQL MANAGEMENT OBJECT 0 -327
ADMINISTER SQL TUNING SET 0 -272
ADVISOR 0 -263 Required for Optimizer statistics advisor
ALTER ANY ANALYTIC VIEW 0 -409
ALTER ANY ASSEMBLY 0 -286
ALTER ANY ATTRIBUTE DIMENSION 0 -401
ALTER ANY CLUSTER 0 -62
ALTER ANY CUBE 0 -309
ALTER ANY CUBE BUILD PROCESS 0 -396
ALTER ANY CUBE DIMENSION 0 -302
ALTER ANY DIMENSION 0 -216
ALTER ANY EDITION 0 -283
ALTER ANY EVALUATION CONTEXT 1 -247
ALTER ANY HIERARCHY 0 -405
ALTER ANY INDEX 0 -72
ALTER ANY INDEXTYPE 0 -207
ALTER ANY LIBRARY 0 -190
ALTER ANY MATERIALIZED VIEW 0 -174
ALTER ANY MEASURE FOLDER 0 -394
ALTER ANY MINING MODEL 0 -294
ALTER ANY OPERATOR 0 -202
ALTER ANY OUTLINE 0 -225
ALTER ANY PROCEDURE 0 -142
ALTER ANY ROLE 0 -128
ALTER ANY RULE 1 -259
ALTER ANY RULE SET 1 -252
ALTER ANY SEQUENCE 0 -107
ALTER ANY SQL PROFILE 0 -271
ALTER ANY SQL TRANSLATION PROFILE 0 -336
ALTER ANY TABLE 0 -42
ALTER ANY TRIGGER 0 -153
ALTER ANY TYPE 0 -182
ALTER DATABASE 0 -135
ALTER DATABASE LINK 0 -329
ALTER LOCKDOWN PROFILE 0 -380
ALTER PROFILE 0 -161
ALTER PUBLIC DATABASE LINK 0 -328
ALTER RESOURCE COST 0 -163
ALTER ROLLBACK SEGMENT 0 -31
ALTER SESSION 0 -6
ALTER SYSTEM 0 -3
ALTER TABLESPACE 0 -11
ALTER USER 0 -22
ANALYZE ANY 0 -165
ANALYZE ANY DICTIONARY 0 -262 Allows to select from all data dictionary (and v$ views?) in the SYS schema except DEFAULT_PWD$, ENC$, LINK$, USER$, USER_HISTORY$ and XS$VERIFIER. This privilege also allows to generally select from objects in the SYS schema. This privilege allows to overwrite O7_DICTIONARY_ACCESSIBILITY (which is false by default).
AUDIT ANY 0 -130
AUDIT SYSTEM 0 -4
BACKUP ANY TABLE 0 -43
BECOME USER 0 -21
CHANGE NOTIFICATION 0 -279
COMMENT ANY MINING MODEL 0 -295
COMMENT ANY TABLE 0 -46
CREATE ANALYTIC VIEW 0 -407
CREATE ANY ANALYTIC VIEW 0 -408
CREATE ANY ASSEMBLY 0 -285
CREATE ANY ATTRIBUTE DIMENSION 0 -400
CREATE ANY CLUSTER 0 -61
CREATE ANY CONTEXT 0 -222
CREATE ANY CREDENTIAL 0 -388
CREATE ANY CUBE 0 -310
CREATE ANY CUBE BUILD PROCESS 0 -320
CREATE ANY CUBE DIMENSION 0 -303
CREATE ANY DIMENSION 0 -215
CREATE ANY DIRECTORY 0 -177
CREATE ANY EDITION 0 -281
CREATE ANY EVALUATION CONTEXT 1 -246
CREATE ANY HIERARCHY 0 -404
CREATE ANY INDEX 0 -71
CREATE ANY INDEXTYPE 0 -206
CREATE ANY JOB 0 -265
CREATE ANY LIBRARY 0 -189
CREATE ANY MATERIALIZED VIEW 0 -173
CREATE ANY MEASURE FOLDER 0 -315
CREATE ANY MINING MODEL 0 -291
CREATE ANY OPERATOR 0 -201
CREATE ANY OUTLINE 0 -224
CREATE ANY PROCEDURE 0 -141
CREATE ANY RULE 1 -258
CREATE ANY RULE SET 1 -251
CREATE ANY SEQUENCE 0 -106
CREATE ANY SQL PROFILE 0 -274
CREATE ANY SQL TRANSLATION PROFILE 0 -335
CREATE ANY SYNONYM 0 -81
CREATE ANY TABLE 0 -41
CREATE ANY TRIGGER 0 -152
CREATE ANY TYPE 0 -181
CREATE ANY VIEW 0 -91
CREATE ASSEMBLY 0 -284
CREATE ATTRIBUTE DIMENSION 0 -399
CREATE CLUSTER 0 -60
CREATE CREDENTIAL 0 -387
CREATE CUBE 0 -308
CREATE CUBE BUILD PROCESS 0 -319
CREATE CUBE DIMENSION 0 -301
CREATE DATABASE LINK 0 -115
CREATE DIMENSION 0 -214
CREATE EVALUATION CONTEXT 1 -245
CREATE EXTERNAL JOB 0 -280
CREATE HIERARCHY 0 -403
CREATE INDEXTYPE 0 -205
CREATE JOB 0 -264
CREATE LIBRARY 0 -188
CREATE LOCKDOWN PROFILE 0 -378
CREATE MATERIALIZED VIEW 0 -172
CREATE MEASURE FOLDER 0 -314
CREATE MINING MODEL 0 -290
CREATE OPERATOR 0 -200
CREATE PLUGGABLE DATABASE 0 -375
CREATE PROCEDURE 0 -140
CREATE PROFILE 0 -160
CREATE PUBLIC DATABASE LINK 0 -120
CREATE PUBLIC SYNONYM 0 -85
CREATE ROLE 0 -125
CREATE ROLLBACK SEGMENT 0 -30
CREATE RULE 1 -257
CREATE RULE SET 1 -250
CREATE SEQUENCE 0 -105
CREATE SESSION 0 -5
CREATE SQL TRANSLATION PROFILE 0 -334
CREATE SYNONYM 0 -80
CREATE TABLE 0 -40
CREATE TABLESPACE 0 -10
CREATE TRIGGER 0 -151
CREATE TYPE 0 -180
CREATE USER 0 -20
CREATE VIEW 0 -90
DEBUG ANY PROCEDURE 0 -241
DEBUG CONNECT ANY 0 -240
DEBUG CONNECT SESSION 0 -238
DELETE ANY CUBE DIMENSION 0 -304
DELETE ANY MEASURE FOLDER 0 -316
DELETE ANY TABLE 0 -50
DEQUEUE ANY QUEUE 1 -220
DROP ANY ANALYTIC VIEW 0 -410
DROP ANY ASSEMBLY 0 -287
DROP ANY ATTRIBUTE DIMENSION 0 -402
DROP ANY CLUSTER 0 -63
DROP ANY CONTEXT 0 -223
DROP ANY CUBE 0 -311
DROP ANY CUBE BUILD PROCESS 0 -321
DROP ANY CUBE DIMENSION 0 -305
DROP ANY DIMENSION 0 -217
DROP ANY DIRECTORY 0 -178
DROP ANY EDITION 0 -282
DROP ANY EVALUATION CONTEXT 1 -248
DROP ANY HIERARCHY 0 -406
DROP ANY INDEX 0 -73
DROP ANY INDEXTYPE 0 -208
DROP ANY LIBRARY 0 -191
DROP ANY MATERIALIZED VIEW 0 -175
DROP ANY MEASURE FOLDER 0 -317
DROP ANY MINING MODEL 0 -292
DROP ANY OPERATOR 0 -203
DROP ANY OUTLINE 0 -226
DROP ANY PROCEDURE 0 -143
DROP ANY ROLE 0 -126
DROP ANY RULE 1 -260
DROP ANY RULE SET 1 -253
DROP ANY SEQUENCE 0 -108
DROP ANY SQL PROFILE 0 -270
DROP ANY SQL TRANSLATION PROFILE 0 -338
DROP ANY SYNONYM 0 -82
DROP ANY TABLE 0 -44
DROP ANY TRIGGER 0 -154
DROP ANY TYPE 0 -183
DROP ANY VIEW 0 -92
DROP LOCKDOWN PROFILE 0 -379
DROP PROFILE 0 -162
DROP PUBLIC DATABASE LINK 0 -121
DROP PUBLIC SYNONYM 0 -86
DROP ROLLBACK SEGMENT 0 -32
DROP TABLESPACE 0 -13
DROP USER 0 -23
EM EXPRESS CONNECT 0 -346
ENQUEUE ANY QUEUE 1 -219
EXECUTE ANY ASSEMBLY 0 -288
EXECUTE ANY CLASS 0 -267
EXECUTE ANY EVALUATION CONTEXT 1 -249
EXECUTE ANY INDEXTYPE 0 -212
EXECUTE ANY LIBRARY 0 -192
EXECUTE ANY OPERATOR 0 -204
EXECUTE ANY PROCEDURE 0 -144
EXECUTE ANY PROGRAM 0 -266
EXECUTE ANY RULE 1 -261
EXECUTE ANY RULE SET 1 -254
EXECUTE ANY TYPE 0 -184
EXECUTE ASSEMBLY 0 -289
EXEMPT ACCESS POLICY 0 -235
EXEMPT IDENTITY POLICY 0 -275
EXEMPT REDACTION POLICY 0 -351
EXPORT FULL DATABASE 0 -255
FLASHBACK ANY TABLE 0 -243
FLASHBACK ARCHIVE ADMINISTER 0 -350
FORCE ANY TRANSACTION 0 -139
FORCE TRANSACTION 0 -138
GLOBAL QUERY REWRITE 0 -211
GRANT ANY OBJECT PRIVILEGE 0 -244
GRANT ANY PRIVILEGE 0 -167
GRANT ANY ROLE 0 -127
IMPORT FULL DATABASE 0 -256
INHERIT ANY PRIVILEGES 0 -352
INHERIT ANY REMOTE PRIVILEGES 0 -365
INSERT ANY CUBE DIMENSION 0 -306
INSERT ANY MEASURE FOLDER 0 -318
INSERT ANY TABLE 0 -48
KEEP DATE TIME 0 -344
KEEP SYSGUID 0 -345
LOCK ANY TABLE 0 -45
LOGMINING 0 -389
MANAGE ANY FILE GROUP 1 -277
MANAGE ANY QUEUE 1 -218
MANAGE FILE GROUP 1 -276
MANAGE SCHEDULER 0 -268
MANAGE TABLESPACE 0 -12
MERGE ANY VIEW 0 -233
ON COMMIT REFRESH 0 -234
PURGE DBA_RECYCLEBIN 0 -347
QUERY REWRITE 0 -210
READ ANY ANALYTIC VIEW CACHE 0 -411
READ ANY FILE GROUP 1 -278
READ ANY TABLE 0 -397
REDEFINE ANY TABLE 0 -56
RESTRICTED SESSION 0 -7
RESUMABLE 0 -236
SELECT ANY CUBE 0 -312
SELECT ANY CUBE BUILD PROCESS 0 -395
SELECT ANY CUBE DIMENSION 0 -307
SELECT ANY DICTIONARY 0 -237
SELECT ANY MEASURE FOLDER 0 -393
SELECT ANY MINING MODEL 0 -293
SELECT ANY SEQUENCE 0 -109
SELECT ANY TABLE 0 -47
SELECT ANY TRANSACTION 0 -269
SET CONTAINER 0 -377
SYSBACKUP 0 -340
SYSDBA 0 -83
SYSDG 0 -341
SYSKM 0 -342
SYSOPER 0 -84
SYSRAC 0 -398
TEXT DATASTORE ACCESS 0 -414
TRANSLATE ANY SQL 0 -355
UNDER ANY TABLE 0 -213
UNDER ANY TYPE 0 -186
UNDER ANY VIEW 0 -209
UNLIMITED TABLESPACE 0 -15
UPDATE ANY CUBE 0 -313
UPDATE ANY CUBE BUILD PROCESS 0 -322
UPDATE ANY CUBE DIMENSION 0 -326
UPDATE ANY TABLE 0 -49
USE ANY JOB RESOURCE 0 -390
USE ANY SQL TRANSLATION PROFILE 0 -337
WRITE ANY ANALYTIC VIEW CACHE 0 -412
Compare with the table table_privilege_map which lists object privileges.

See also

Object privileges
Oracle maintained roles

Index