As part of new Oracle 12c Database security implementation, they have stripped the system privilege ” SELECT ANY DICTIONARY ” from accessing the following SYS tables: USER$, ENC$,DEFAULT_PWD$, LINK$, USER_HISTORY$, CDB_LOCAL_ADMINAUTH$, XS$VERIFIERS.

The reason they removed access from these tables, is just in case you grant “select any dictionary” to a non-dba account, this account wont be able to see the “hashed passwords”. Only the SYS account will be able to query these tables.

in 12c if you simulate that:


SQL> grant select any dictionary to account1;


sqlplus account1/password@DB1

SQL> select * from SYS.USER$;

ORA-01031: insufficient privileges

Bingo…… can’t query USER$ table although you are granted the “select any dictionary” privilege.


One thought on “SELECT ANY DICTIONARY in Oracle 12c

  1. Hello admin, i must say you have hi quality articles here.
    Your website can go viral. You need initial traffic only.
    How to get it? Search for; Mertiso’s tips go viral

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s