Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Mailing Lists -> Oracle-L -> RE: DB Access restriction

RE: DB Access restriction

From: Dara Vaughn <dara.vaughn_at_wcom.com>
Date: Mon, 11 Dec 2000 18:38:55 -0600
Message-Id: <10707.124264@fatcity.com> 





Ganapathi,



I don't know if there is another way to do this, but the way I've handled it
in the past is to create a password protected role that has the privileges
needed for your application.  Assign this role to each of your users, but
NOT as a DEFAULT role.  Create your users and give them only CREATE SESSION
privilege.  Then, the first thing you do when they log on through the
application (be it D2K or Pro*C), is to enable the password protected role.
Of course, your application must know the password.  But, if anyone tries to
use their oracle user id with a 3rd party tool, they will be able to
connect, but not do anything else.  You must make sure your database is
locked down of course... e.g. DON'T grant stuff to PUBLIC!!  (not that I've
ever seen that... ;-)



There MAY be some way to handle it with profiles, but I'm not sure about
that.  You'd have to read up on the documentation.



HTH,


Dara Vaughn


Oracle DBA


Quality Software Engineering



-----Original Message-----



From: root_at_fatcity.com [mailto:root_at_fatcity.com]On Behalf Of Ganapathi
Kesavelu


Sent: Monday, December 11, 2000 1:48 PM


To: Multiple recipients of list ORACLE-L
Subject: DB Access restriction




  ORACLE 7.3.4 (will be upgraded to 817) OPS
  The frontend is D2K.


  There are some interfaces written in PRO*C.
 The apps also uses DBMS_JOB



  I want to allow access to db for people who come
thru forms and PRO*C only.  Basically I want to
restrict access to anybody trying to come by any third
party apps, ODBC etc



 TIA


Regd's


GK







Do You Yahoo!?


Yahoo! Shopping - Thousands of Stores. Millions of Products.
http://shopping.yahoo.com/


--



Please see the official ORACLE-L FAQ: http://www.orafaq.com


--



Author: Ganapathi Kesavelu


  INET: k7g_at_yahoo.com


Fat City Network Services    -- (858) 538-5051  FAX: (858) 538-5051
San Diego, California        -- Public Internet access / Mailing Lists


--------------------------------------------------------------------

To REMOVE yourself from this mailing list, send an E-Mail message


to: ListGuru_at_fatcity.com (note EXACT spelling of 'ListGuru') and in
the message BODY, include a line containing: UNSUB ORACLE-L
(or the name of mailing list you want to be removed from).  You may
also send the HELP command for other information (like subscribing).
Received on Mon Dec 11 2000 - 18:38:55 CST












Original text of this message













  HOME |
  ASK QUESTION |
  ADD INFO |
  SEARCH |
  E-MAIL US