This command removes the privilege to perform an action on a database.
Syntax
REVOKE { privilege., ..} FROM { grantee }
privilege ::=
{ CONNECT
| DBA
| RESOURCE }
| Keyword |
Description |
|
privilege
|
Type of access, action, or privilege to remove |
|
grantee
|
User name(s) to allow privilege |
Use
This statement removes privileges from authorization IDs that have previously received them with the GRANT statement. Only
a database administrator (DBA) can execute this statement.
- Removing CONNECT privileges means that the grantee can no longer access the database. It has no effect on the objects owned
by that grantee.
- Removing RESOURCE privileges means that the grantee can no longer create new objects.
Note: Be very careful when removing DBA privileges: If there are no other DBAs, the GRANT and REVOKE statements can no longer be
used.
Example
REVOKE CONNECT FROM CLERK