Skip to Main Content

Breadcrumb

Question and Answer

Connor McDonald

Thanks for the question, venkatesh.

Asked: November 17, 2016 - 9:42 am UTC

Last updated: November 18, 2016 - 6:13 am UTC

Version: 12c

Viewed 1000+ times

You Asked

I have created one package(pk_data_updates) in schema A and assigned Execute permission to existing Role Role1(ROLE Role1 is password protected).
this Role (R1) is assigned to user venkat.

CREATE ROLE Role1 IDENTIFIED BY roc_super;
GRANT EXECUTE ON PK_DATA_UPDATES TO Role1

GRANT Role1 TO venkat;
ALTER USER "venkat" DEFAULT ROLE ALL EXCEPT C_SUPERUSER, CL_USER, WORKFLOW_READER;


when try to execute the package, i am getting following error :

PLS-00201: identifier PK_DATA_UPDATES must be declared

but the above package is working in previous version 11g.




and Connor said...

That change may also go back to 11.2.0.4 (I cant be sure), but it was to fix a potential security issue.

In earlier releases, if someone had (say)

roleA default
roleB default password-prot
roleC not default

then if you did:

set role roleA

then *all* default roles would be activated (including the password protected one).

That is obviously a security issue, because you accessed the protected role without ever providing the password.

That has been corrected.

Is this answer out of date? If it is, please let us know via a Comment
more

Connor and Chris don't just spend all day on AskTOM. You can also catch regular content via Connor's blog and Chris's blog. Or if video is more your thing, check out Connor's latest video and Chris's latest video from their Youtube channels. And of course, keep up to date with AskTOM via the official twitter account.

More to Explore

PL/SQL demos

Check out more PL/SQL tutorials on our LiveSQL tool.

PL/SQL docs

PL/SQL reference manual from the Oracle documentation library