Dave then talks about privileges and security in a one and a bit page section (page 26-27). He talks about the unbreakable campaign and also tells us how version 4 authentication used to work. The passwords were stored in clear text in a table in the SYSTEM tablespace and a weak encryption was used in version 5. Dave gives some good comments and he suggests that VPD doesn't support shared sessions. This is not quite true as secure contexts and proxy accounts and connection pooling can be used effectively with VPD and shared accounts. I suspect Dave meant that it won't work with existing traditional shared account applications. David Knox discussed this is his new Oracle security book published by Oracle press. I will talk about this book soon as well.
Daves made a good point that I have thought about for a long time and never talked about. This is why there is no distinction between users and schemas. Its not intuative. It works as it is but could it be better?
This is an excellent book, so far.