Using label policy privileges
Oracle labels have a set of privileges, which can be used to bypass the current privileges in certain conditions, such as performing exports on label-protected tables or other operations that need to read or update the entire table. The same is true for other DML statements such as INSERT and DELETE.
In the previous recipe, we gave FULL policy privilege to the user HR. In this recipe, we will create a new user OLSAUTH, who will be granted a special privilege called PROFILE_ACCESS.
Getting ready
All the steps will be performed on the database HACKDB.
How to do it...
Usually special privileges should be granted to dedicated users. This can be done as follows:
Connect as the user
system, create userOLSAUTHand grantcreate sessionandSELECTon the tableEMPLOYESS_OLS_TBL, as follows:SQL> conn system Enter password: Connected. SQL> create user OLSAUTH identified by OLSAUTH; User created. SQL> grant create session to employees_ols_tbl to OLSAUTH; SQL>...
