One, the most important difference: the importance of storing data is different
"SYS" the base tables and views of all Oracle data dictionaries are stored in the SYS user, which is critical to the operation of Oracle, maintained by the database itself, and cannot be changed manually by any user. SYS user has roles or permissions such as DBA, SYSDBA, Sysoper, etc., and is the user with the highest Oracle privileges.
"System" users are used to hold secondary-level internal data, such as some Oracle features or management information for tools. The system user has normal DBA role permissions.
Second, the difference: the different permissions
The "system" user can only log in to EM as normal unless you grant SYSDBA System privileges (grant SYSDBA to System) or Sysoper system permissions to it.
"SYS" User has "SYSDBA" or "Sysoper" System permissions, login em can only use these two identities, can not use normal.
Login to Oracle with sys user, execute SELECT * from V_$pwfile_users; You can query to users with SYSDBA permissions, such as:
Sql> select * from V_$pwfile_users;
USERNAME SYSDBA Sysoper
SYS true True
SYSDBA and Sysoper two system permissions differences
What's the difference between normal, SYSDBA, Sysoper?
Normal is a normal user
The other two, and you'll see what they have right now.
SYSDBA has the highest system privileges, and after logging in is SYS
Sysoper is mainly used to start, close the database, Sysoper login after the user is public
Sysdba and Sysoper belong to the system privilege, also known as administrative privilege, have some system administration level permissions such as database on shutdown SYSDBA and sysoper specific permissions can be seen in the following table:
system permissions sysdba sysoper
distinguish startup (start database) startup
Shutdown (Close database) shutdown
ALTER DATABASE Open/mount/backup alter database open/mount/backup
Change character set none
CREATE DATABASE none cannot create database
Drop database none
Create spfile create spfile
Alter DB Archivelog (archive log) alter database archivelog
ALTER DATABASE recover (recover databases) can only be fully recovered, Unable to perform incomplete recovery
has restricted session limit permission restricted session permission
allows the user to connect as a SYS user & nbsp; You can do some basic operations, but you cannot view user data
User is public after logon after login sys ;
If the system is logged in normally, it is actually a normal DBA user, but if you log in as SYSDBA, the result is actually logged in as a SYS user, which is similar to the feeling of sudo inside Linux, as we can see from the login information. Therefore, after the database is connected as SYSDBA, the objects created are actually generated in sys. The same is true for other users, if the as SYSDBA is logged in as a SYS user, see the following experiment:
Sql> create user strong identified by strong;
Differences between SYS users and system users in Oracle