About Superuser Privileges

A superuser (DBADMIN) is the automatically-created database user who has the same name as the Linux database administrator account and who can bypass all GRANT/REVOKE authorization, as well as supersede any user that has been granted the PSEUDOSUPERUSER role.

Note: Database superusers are not the same as a Linux superuser with (root) privilege and cannot have Linux superuser privilege.

A superuser can grant privileges on all database object types to other users, as well as grant privileges to roles. Users who have been granted the role will then gain the privilege as soon as they enable it.

Superusers may grant or revoke any object privilege on behalf of the object owner, which means a superuser can grant or revoke the object privilege if the object owner could have granted or revoked the same object privilege. A superuser may revoke the privilege that an object owner granted, as well as the reverse.

Since a superuser is acting on behalf of the object owner, the GRANTOR column of V_CATALOG.GRANTS table displays the object owner rather than the superuser who issued the GRANT statement.

A superuser can also alter ownership of table and sequence objects.

See Also

DBADMIN Role