Competence
SYSDBA privileges include:
(1) Perform STARTUP and SHUTDOWN operations
(2) ALTER DATABASE: open, mount, back up, or change character set
(3) CREATE DATABASE
(4) DROP DATABASE
(5) CREATE SPFILE
(6) ALTER DATABASE ARCHIVELOG
(7) ALTER DATABASE RECOVER
(8) Includes the RESTRICTED SESSION privilege
SYSOPER permissions are included:
(1) Perform STARTUP and SHUTDOWN operations
(2) CREATE SPFILE
(3) ALTER DATABASE OPEN/MOUNT/BACKUP
(4) ALTER DATABASE ARCHIVELOG
(5) ALTER DATABASE RECOVER (Complete recovery only. Any form of incomplete recovery, such as
UNTIL TIME|CHANGE|CANCEL|CONTROLFILE requires connecting as SYSDBA.)
(6) Includes the RESTRICTED SESSION privilege
This privilege allows a user to perform basic operational tasks, but without the ability to look at user data.
Explanation
Is a subset of SYSDBA SYSOPER, and SYSDBA when we log on to the database, no matter what you enter a user, the user actually logged SYS is the default mode; when logging into the database as SYSOPER, will be in the default mode PUBLIC login.
test
(1) We use a non-existent test users log in:
At this point you can see the default login is SYS mode.
(2) to test the same login user does not exist:
[oracle@orcl ~]$ sqlplus test/test as sysoper
At this point you can see is the default login PUBLIC mode.
(3) We query table zhan.t_a at sysdba
See table exists;
In the same query table SYSOPER:
The findings suggest that table does not exist.
to sum up
(1) SYSOPER is a subset of SYSDBA;
(2) When logged in as SYSDBA, the default mode is SYS, no matter where you sqlplus command to specify which user; Similarly, SYSOPER default mode is PUBLIC;
(3) while logged on as SYSOPER, table data can not be accessed ordinary users.