I have select and update roles on all application tables, subdivided by
functional area where possible, and grant those roles to developers. I regularly
extract granted privileges (and other metadata) from the development and test
environments using dbms_metadata so that I can easily recreate privileges (and
passwords) after a development/test database is refreshed from production.
In some environments I need to grant "drop any table" so that they can do a
truncate. In that case I use a trigger on the drop command to prevent developers
to actually drop any but their own tables.

Quoting Jeffrey Beckstrom <JBECKSTROM@(protected)>:

> Wondering what other people do in granting privileges to developers in
> non-production. Do you grant system (update any table) privilege or
> privilege to the individual tables.
>
--
regards

Wolfgang Breitling
Oracle 7,8,8i,9i OCP DBA
Centrex Consulting Corporation
www.centrexcc.com

--
http://www.freelists.org/webpage/oracle-l