Privileges Provided by Oracle

In Oracle, a set of access privileges and restrictions exist for each applicable database object.

When you create a database object, you become its owner. By default, only the owner of an object can do anything with the object. In order to allow other users to use it, privileges must be granted. (However, users that have the superuser attribute can always access any object.)

Ordinarily, only the object's owner (or a superuser) can grant or revoke privileges on an object. However, it is possible to grant a privilege Admin Option/Grant Option, which gives the recipient the right to grant it in turn to others. If the grant option is subsequently revoked then all who received the privilege from that recipient (directly or through a chain of grants) will lose the privilege.

There are two main types of user privileges:

System privileges
A system privilege gives a user the ability to perform a particular action, or to perform an action on any schema objects of a particular type. For example, the system privilege CREATE TABLE permits a user to create tables in the schema associated with that user, and the system privilege CREATE USER permits a user to create database users.

Object privileges
An object privilege gives a user the ability to perform a particular action on a specific schema object. Different object privileges are available for different types of schema objects. Example: SELECT, INSERT, UPDATE, DELETE, REFERENCES, DEBUG, ALTER, INDEX, QUERY REWRITE, FLASHBACK and EXECUTE.

Navicat Manage Users allows you to administer users, roles and their privileges.
Under Privileges tab, a list of existing users and/or groups is shown on the left panel. Select a user/role to grant/revoke privileges on an object.

Note: The special name PUBLIC is accessible to every database user, all privileges and roles granted to PUBLIC are accessible to every database user.

See also: Setting Privileges.