DBA role and privacy problem
387565Jun 7 2004 — edited Jun 7 2004I have some problems understanding DBA role. I have DBA privs on a database (I'm a developer, not a DBA). Because of a privacy problem, I have not to select data in only one table of the database. A solution could be to encrypt rows of this table... This will be the last choice, because in this case I will have to rewrite some applications. So, I'm trying to create a new role in which I have all privileges except SELECT ANY TABLE. Then I will have to lose my DBA privs. During ordinary operations necessary to mantain my applications (like backup, import and export and so on...), I will have DBA privs granted again from the privacy manager only for the period necessary to mantain the site. After this period I have to sign a paper in which I declare I have not seen the records of that table. As you can imagine, this solution is very bad (during that period I can create 1000 users with dba privs...), but seems to be fine to the privacy manager.
Now my problem is: after creating the role DBA_WSAT that is the DBA role without select any table, I can connect as sysdba again... Why? Which is the privilege that enable a user to connect as sysdba? Any suggestions will be appreciated to solve this bad situation...
Thank you very much.
Ste.