After the select any table permission is granted, the TABLE of the sys user cannot be accessed.

After the select any table permission is granted, the TABLE of the sys user cannot be accessed.
SQL> show parameter dict

NAME TYPE VALUE
------------------------------------------------------------------------
O7_DICTIONARY_ACCESSIBILITY boolean FALSE --------- default value: false ---- if this parameter is set to true, normal users with select any table permission can access sys schema.
SQL> alter system set O7_DICTIONARY_ACCESSIBILITY = true scope = spfile

O7_DICTIONARY_ACCESSIBILITY controls that common users cannot directly access sys schema


FYI: O7_DICTIONARY_ACCESSIBILITY

Property	Description
Parameter type	Boolean
Default value	false
Modifiable	No
Range of values	true | false

O7_DICTIONARY_ACCESSIBILITYControls restrictions onSYSTEMPrivileges. If the parameter is settrue, Access to objects inSYSSchema is allowed (Oracle7 behavior). The default settingfalseEnsures that system privileges that allow access to objects in "any schema" do not allow access to objects inSYSSchema.

For example, ifO7_DICTIONARY_ACCESSIBILITYIs setfalse, ThenSELECT ANY TABLEPrivilege allows access to views or tables in any schema does notSYSSchema (data dictionary tables cannot be accessed). If O7_DICTIONARY_ACCESSIBILITY is setfalse, Then to access objects inSYSSchema, the user shoshould haveSELECT ANY DICTIONARYSystem privilege or the user shoshould have been grantedSELECTObject privilege on the specific objects. The system privilegeEXECUTE ANY PROCEDUREAllows access on the procedures in any schema doesn'tSYSSchema.

If this parameter is setfalseAnd you need to access objects inSYSSchema, then you must be granted explicit object privileges. The following roles, which can be granted to the database administrator, also allow access to dictionary objects:

• SELECT_CATALOG_ROLE

• EXECUTE_CATALOG_ROLE

• DELETE_CATALOG_ROLE