Some non-DBA users in your database have been granted ANY TABLE system privileges and they are
able to access data dictionary base tables. You decide to restrict their access to data dictionary
objects. Which method would you adopt to achieve this objective?
A.
Revoke the RESOURCE role from the users.
B.
Set the value of the OS_ROLES parameter to TRUE.
C.
Use Database Resource Manager to restrict user access to objects.
D.
Grant ANY TABLE system privileges again without ADMIN OPTION.
E.
Set the value of the O7_DICTIONARY_ACCESSIBILITY parameter to FALSE.
O7_DICTIONARY_ACCESSIBILITY controls restrictions on SYSTEM privileges. If the parameter is set to true, access to objects in the SYS schema is allowed (Oracle7 behavior).
The default setting of false : system privileges that allow access to objects in “any schema” do not allow access to objects in the SYS schema.
All of the base tables and views for the database’s data dictionary are stored in the schema SYS.
Protecting Data Dictionary: By default, O7_DICTIONARY_ACCESSIBILITY parameter is set to FALSE.
If there is no good reason, we must not change this setting because it will prevent having ANY TABLE system privilege to access the data dictionary base tables. This parameter setting also ensures that users can only SYS as SYSDBA login.