Hi Sean,

>> As a chosen combination of already granted roles isn't of relevance
>> regarding security, why not allow the user to define the needed
>
>Wouldn't this allow the user to 'promote' himself to SYSDBA and do
>anything he wanted?

No, I spoke of _granted_ roles.

Christian