The DBA role does not include the SYSDBA or SYSOPER system privileges. These are special administrative privileges that allow an administrator to perform basic database administration tasks, such as creating the database and instance startup and shutdown.
This role tells you the grantee, granted_role, whether they have admin option granted, and whether the role is their default role:
USER_ROLE_PRIVS describes the roles granted to the current user.
SQL> desc dba_role_privs
Name Null? Type
———— ——– ————
GRANTEE VARCHAR2(30)
GRANTED_ROLE NOT NULL VARCHAR2(30)
ADMIN_OPTION VARCHAR2(3)
DEFAULT_ROLE VARCHAR2(3)
GRANTEE: Name of the user or role receiving the grant
—————–
GRANTED_ROLE: Granted role name
————————–
ADMIN_OPTION: Indicates whether the grant was with the ADMIN OPTION (YES) or not(NO)
————————-
DEFAULT_ROLE: Indicates whether the role is designated as a DEFAULT ROLE for the user (YES) or not (NO)
Using below query you can find users having DBA privileges
SQL> select * from dba_role_privs where granted_role='DBA';
GRANTEE GRANTED_ROLE ADM DEF
--------- ------------ --- ---
SYS DBA YES YES
SYSTEM DBA YES YES
There are many situations arises where you wanted to revoke the DBA roles granted to the user for the security reasons. The above query will help you to find the users having DBA privileges.