https://ivanluminaria.com/en/tags/audit/Recent content in Audit on Ivan LuminariaHugoenTue, 27 Jan 2026 08:03:00 +0100https://ivanluminaria.com/en/posts/oracle/oracle-roles-privileges/Tue, 27 Jan 2026 08:03:00 +0100https://ivanluminaria.com/en/posts/oracle/oracle-roles-privileges/<p>It has happened to me more than once: I walk into an Oracle environment and find the same situation. Every application user connected as the schema owner, with the DBA role granted. Developers, batch jobs, reporting tools — all running with the same privileges as the user that owns the tables.</p> <p>When you ask why, the answer is always some variation of: &ldquo;This way everything works without permission issues.&rdquo;</p> <p>Sure. Everything works. Until the day a developer runs a <code>DROP TABLE</code> on the wrong table. Or a batch import does a <code>TRUNCATE</code> on a production table thinking it is in the test environment. Or someone runs a <code>DELETE FROM customers</code> without a <code>WHERE</code> clause.</p>