Skip to Main Content

Feature Details

Buttons

Feature Details Container

Ability to Prevent Local Oracle Database Vault Policies from Blocking Common Operations

Security → Database Vault

Starting with this release, a DV_OWNER common user in the CDB root can prevent local users from creating Oracle Database Vault controls on common objects in a pluggable database (PDB).

Business Benefit: Blocking common users from common operations can prevent the execution of SQL commands that are necessary for managing the application or CDB database. To prevent this situation, a user who has the DV_OWNER role in the root can execute the DBMS_MACADM.ALLOW_COMMON_OPERATION procedure to control whether local PDB users can create Database Vault controls on common users' objects (database or application). In previous releases, in a multitenant environment, a local Oracle Database Vault user could create Database Vault policies that could potentially block application or common operations. Blocking common users from common operations can prevent the execution of SQL commands that are necessary for managing the application or CDB database. To prevent this situation a user who has the DV_OWNER role in the root can execute the DBMS_MACADM.ALLOW_COMMON_OPERATION procedure to control whether local PDB users can create Database Vault controls on common users' objects (database or application).

Release Availability
11.2
12.1
12.2
18c
19c
21c
23ai
Licensed With
Oracle Database Vault
Available On
  • Oracle Database FREE
  • Enterprise Edition
  • Oracle Database Appliance
  • Exadata
  • Exadata Cloud Service / Cloud@Customer
  • Database Cloud Service Enterprise Edition - High Performance
  • Database Cloud Service Enterprise Edition - Extreme Performance
Initial Release
21c