Security → Database Vault
Starting with this release, a DV_OWNER common user in the CDB root can prevent local users from creating Oracle Database Vault controls on common objects in a pluggable database (PDB).
Business Benefit: Blocking common users from common operations can prevent the execution of SQL commands that are necessary for managing the application or CDB database. To prevent this situation, a user who has the DV_OWNER role in the root can execute the DBMS_MACADM.ALLOW_COMMON_OPERATION procedure to control whether local PDB users can create Database Vault controls on common users' objects (database or application). In previous releases, in a multitenant environment, a local Oracle Database Vault user could create Database Vault policies that could potentially block application or common operations. Blocking common users from common operations can prevent the execution of SQL commands that are necessary for managing the application or CDB database. To prevent this situation a user who has the DV_OWNER role in the root can execute the DBMS_MACADM.ALLOW_COMMON_OPERATION procedure to control whether local PDB users can create Database Vault controls on common users' objects (database or application).