One of the trickiest parts of Oracle's security model is the way that roles (collections of database privileges) interact with stored procedures, functions, and packages.
This story continues at http://www.databasejournal.com/news/article.php/3748431
