创建用户tt,tt2
create user tt identified by tt;
create user tt2 identified by tt;
授予用户tt系统权限(with admin option)
grant create session,create table to tt with admin option;
用户tt将系统权限授予用户tt2
conn tt/tt
grant create session,create table to tt2 ;
查询用户tt,tt2拥有的系统权限
SELECT grantee,
privilege
FROM DBA_SYS_PRIVS
WHERE GRANTEE IN
(SELECT USERNAME
FROM dba_users
WHERE username in ('TT','TT2'))
ORDER BY 1;
回收用户tt的系统权限
conn / as sysdba
revoke create session,create table from tt;
再次查询用户tt,tt2拥有的系统权限
SELECT grantee,
privilege
FROM DBA_SYS_PRIVS
WHERE GRANTEE IN
(SELECT USERNAME
FROM dba_users
WHERE username in ('TT','TT2'))
ORDER BY 1;
总结
用户tt把系统权限授予用户tt2后,当回收用户tt的系统权限时,用户tt2的权限并不会被回收。