Home » RDBMS Server » Security » User Rights (Oracle 10g Database , Delveloper 2000)
User Rights [message #604387] Mon, 30 December 2013 01:42 Go to next message
kame
Messages: 68
Registered: July 2009
Member
Hi Experts



Oracle 10 g Database , Developer 2000

I have a USER in my Database name ABC having more then 10 tables. many people are inserting/updating/deleting record at this USER ABC.

user ABC have DBA rights.

now I want to restrict some computer users they only can Insert record not update and delete.

example :-


Database User	Computer User	 Rights
ABC	                 user1	         Insert - Update - Delete
ABC	                 user2	         Insert - Update - Delete
ABC	                 user3	         Insert
ABC	                 user4	         Insert




how can do this.



Thanks in advance.
Re: User Rights [message #604389 is a reply to message #604387] Mon, 30 December 2013 01:49 Go to previous messageGo to next message
Lalit Kumar B
Messages: 2334
Registered: May 2013
Location: World Wide on the Web
Senior Member
GRANT
Re: User Rights [message #604390 is a reply to message #604389] Mon, 30 December 2013 01:59 Go to previous messageGo to next message
Littlefoot
Messages: 19610
Registered: June 2005
Location: Croatia, Europe
Senior Member
Account Moderator
Create all those users (using CREATE USER). Optionally, create two roles - one for inserts, another one for updates and deletes. Grant required privileges on ABC's tables to either every user, or - alternatively - to roles you've just created, and then grant these roles to each user (user1 and user2 would get two roles, users 3 and 4 only one).

You might also need to create synonyms for ABC's objects (tables, views, ... whatever) in every user's schema.
Re: User Rights [message #604395 is a reply to message #604387] Mon, 30 December 2013 02:15 Go to previous messageGo to next message
Michel Cadot
Messages: 59136
Registered: March 2007
Location: Nanterre, France, http://...
Senior Member
Account Moderator

Quote:
user ABC have DBA rights.


It should not, NO application user, including owner, should have DBA role/rights.
DBA rights are for... DBAs, ONLY.

Re: User Rights [message #604397 is a reply to message #604387] Mon, 30 December 2013 02:38 Go to previous messageGo to next message
Lalit Kumar B
Messages: 2334
Registered: May 2013
Location: World Wide on the Web
Senior Member
https://community.oracle.com/thread/2616466
Re: User Rights [message #604398 is a reply to message #604397] Mon, 30 December 2013 02:57 Go to previous message
Littlefoot
Messages: 19610
Registered: June 2005
Location: Croatia, Europe
Senior Member
Account Moderator
Shame on @kame! Instead of being loyal to one and only one forum, he's kind of promiscuous! That should NOT be allowed, under no circumstances! What should/could be done to stop that? A warning, perhaps? Or something much more severe, such as banning everyone from all forums except one?

Hey, but I'm also member of more than one forum on the Internet!? Hm, let me think ... I'll, shortly, pick one I'll be active on, and ask the authorities to revoke my access to all other forums.
Previous Topic: List of all bugs fixed in a CPU
Next Topic: McAfee Database Security for 'Data Loss Prevention (DLP)'
Goto Forum:
  


Current Time: Thu Sep 18 19:16:03 CDT 2014

Total time taken to generate the page: 0.06954 seconds