As part of new Oracle 12c Database security implementation, they have stripped the system privilege ” SELECT ANY DICTIONARY ” from accessing the following SYS tables: USER$, ENC$,DEFAULT_PWD$, LINK$, USER_HISTORY$, CDB_LOCAL_ADMINAUTH$, XS$VERIFIERS.
The reason they removed access from these tables, is just in case you grant “select any dictionary” to a non-dba account, this account wont be able to see the “hashed passwords”. Only the SYS account will be able to query these tables.
in 12c if you simulate that:
sqlplus
SQL> grant select any dictionary to account1;
exit
sqlplus account1/password@DB1
SQL> select * from SYS.USER$;
ORA-01031: insufficient privileges
Bingo……..you can’t query USER$ table although you are granted the “select any dictionary” privilege.
Hello admin, i must say you have hi quality articles here.
Your website can go viral. You need initial traffic only.
How to get it? Search for; Mertiso’s tips go viral