Database Related

The Difference Between System And Object Privileges

Before we go to the differences between systems and object privileges, we need to understand what a privilege in a database really is. In a database used by many users, each user account can have a number of permissions. For example, user A can have the permission to only access the database, without any rights to edit it. Whereas, user B may be allowed to DELETE or UPDATE tables or CREATE a new database. These permissions are known as privileges.

System privileges

System privileges are those privileges that are given to certain users to perform functions dealing with managing the server and the database. This is what makes system privileges different from object privileges. They are more concerned with the system and the server rather than the components of the database. Some examples of Oracle system privileges and SQL server system privileges are given below.

Examples of Oracle system privileges:

  • CREATE SESSION: If this permission is given to a user, he is simply allowed to connect to a particular database.
  • CREATE USER: The CREATE USER permission allows a database user to create new users who can access the database.
  • CREATE TABLE: This permission allows a database user to create new tables in their own schema.

Examples of Microsoft SQL Server System Privileges:

  • CREATE DATABASE: This permission, when granted to a database user, allows him to create new database on the server he is connected to.
  • BACKUP DATABASE: If the BACKUP DATABASE permission is granted to a user, he can create backups of the databases on the server.
  • SHUTDOWN DATABASE: This permission enables a database user to issue a command that shuts down the server.


Object privileges

Now that we have understood service privileges in detail, we can easily understand object privileges as well.

As the name suggests, object permissions allow users to perform functions on different objects of a database. These objects can be stored procedures, tables, indexes etc. For example, the GRANT clause gives a user the privilege to SELECT and/or DELETE contents from a particular table.




Leave a Reply