What are the minimum privileges needed to create a READ ONLY user in Oracle?
You can create a READ ONLY user with just the Create Session permission.
1) Create Session: With this privilege you will be able to logon in the the database and use the Schema Browser and Editor
Additional permissions can be granted:
2) Select any Table: With this privilege you will be able to select any table schema rather than SYS objects. Though if O7_DICTIONARY_ACCESSIBILITY parameter is set to TRUE then SELECT ANY TABLE privilege provides access to all SYS and non-SYS objects.
3) Select any dictionary: If O7_DICTIONARY_ACCESSIBILITY parameter is set to TRUE then this privilege is not required to select data dictionary objects or in other word SYS objects. If O7_DICTIONARY_ACCESSIBILITY parameter is set to false then this privilege is required to give select permission on the data dictionary objects.
Following is an example.
SQL> create user xxxxx identified by a;
User created.
SQL> grant create session,select any dictionary,select any table to xxxxx;
Grant succeeded.
