How about redefining copies of the relevant data dictionary views for
RO_USER to suit your purposes?
- Original Message -----
To: "Multiple recipients of list ORACLE-L" <ORACLE-L_at_fatcity.com>
Sent: Tuesday, November 05, 2002 5:48 AM
> Hi all,
>
> I am trying to create a read-only login, RO_USER which can do the
following:
>
> 1. See all tables, views, constraints etc. in one *specific* other
schema,
> APP.
>
> 2. See all the source for PL/SQL objects in APP.
>
> The first bit is easy: GRANT SELECT on tables, views to RO_USER.
>
> Not sure about the second bit. I have tried granting CREATE ANY PROCEDURE
> and CREATE ANY TRIGGER to RO_USER and using a DDL trigger to prevent these
> privileges actually being used to create procedures/triggers. This works
> but does not restrict the source visibility to APP. I have other schemas
> where I do not want RO_USER to see the source.
>
> My other concern is granting SELECT on sequences as this means that they
> can select nextval from them and hence increment the numbers (not quite
> read-only!)
>
> Any suggestions for fixing these problems would be much appreciated!
>
> Thanks
> - Bill.
>
> PS. This is on 8i.
>
>
> --
> Intasys Billing Technologies Ltd. www.intasysbilling.com
> 74 Commercial Street, Commercial Quay, Leith, Edinburgh EH6 6LX
> tel (0)131 625 8200 fax (0)131 625 8201 email wbuchan_at_uk.intasys.com
>
> --
> Please see the official ORACLE-L FAQ: http://www.orafaq.com
> --
> Author: Bill Buchan
> INET: wbuchan_at_uk.intasys.com
>
> Fat City Network Services -- 858-538-5051 http://www.fatcity.com
> San Diego, California -- Mailing list and web hosting services
> ---------------------------------------------------------------------
> To REMOVE yourself from this mailing list, send an E-Mail message
> to: ListGuru_at_fatcity.com (note EXACT spelling of 'ListGuru') and in
> the message BODY, include a line containing: UNSUB ORACLE-L
> (or the name of mailing list you want to be removed from). You may
> also send the HELP command for other information (like subscribing).
--
Please see the official ORACLE-L FAQ: http://www.orafaq.com
--
Author: Tim Gorman
INET: Tim_at_SageLogix.com
Fat City Network Services -- 858-538-5051 http://www.fatcity.com
San Diego, California -- Mailing list and web hosting services
---------------------------------------------------------------------
To REMOVE yourself from this mailing list, send an E-Mail message
to: ListGuru_at_fatcity.com (note EXACT spelling of 'ListGuru') and in
the message BODY, include a line containing: UNSUB ORACLE-L
(or the name of mailing list you want to be removed from). You may
also send the HELP command for other information (like subscribing).
Received on Tue Nov 05 2002 - 07:58:49 CST
