Suppose you have an Oracle user "A" that needs EXECUTE privilege on a set of packages. From time to time, a different user "B" creates a new package that needs to be executable by "A". As such, and as part of the package creation process, "B" must be able to grant EXECUTE privilege to "A" on the new package. (Note: "A" could be a user or a role). It is important that "B" will ONLY be able to grant EXECUTE privilege to "A" on the new package, and will NOT be able to grant any other privilege to any other user. Moreover, any new such package would display a well defined pattern in its name, for instance "ABCD_PACK_?????????". Would it be possible to grant "B" the GRANT privilege to "A" solely on packages whose name start with "ABDC_PACK"? Thanks.
It looks that there is no simple way to defined a sort of CUSTOM GRANT to a user, and the only way to achieve what I was looking for is to implement special code that would OPEN B's privilege, and then CLOSE it once the grant was done. This approach, however, does not resolve in a comprehensive way the issue of security. It would be nice if ORACLE would consider enhancing the security capabilities of its DB, specially in view of the tightening requirements of the market.