On Tuesday, October 9, 2018, Thiemo Kellner <thi...@gelassene-pferde.biz> wrote: > > Does it not say you do not need the usage privilege as you can query the > data catalog anyway to get the object's details? And in deed, DBeaver > queries the details of the object without the usage privilege.
Basically lacking USAGE does not prevent someone from knowing objects within the schema exist, it just prevents queries from referencing them as named objects. > To carry out actions on objects one needs the specific grant like select > anyway. I do not see the point of usage privilege. Layers of security. But yes it is generally sufficient enough to simply allow usage on scheme without much thought while ensuring contained objects are sufficiently secured. David J.
