Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Mailing Lists -> Oracle-L -> RE: Privileges and PL/SQL code

RE: Privileges and PL/SQL code

From: Jamadagni, Rajendra <Rajendra.Jamadagni_at_espn.com>
Date: Mon, 14 Jul 2003 07:50:41 -0400
Message-Id: <25920.337658@fatcity.com> 





This message is in MIME format. Since your mail reader does not understand
this format, some or all of this message may not be legible.



------=_NextPartTM-000-7b912388-5e83-4c28-ab4a-ed9ae9649d6e

Content-Type: multipart/alternative;


        boundary="----_=_NextPart_001_01C349FE.26702D34"



------_=_NextPart_001_01C349FE.26702D34



Content-Type: text/plain;


        charset="iso-8859-1"



If you don't want to do that, create your pl/sql code under schema A and
grant execute on those to B and C.



Sorry ... that's the only way to go ...



Raj






Rajendra dot Jamadagni at nospamespn dot com
All Views expressed in this email are strictly personal.
QOTD: Any clod can have facts, having an opinion is an art !




-----Original Message-----



From: Stefan Jahnke [mailto:Stefan.Jahnke_at_bov.de]
Sent: Monday, July 14, 2003 8:31 AM


To: Multiple recipients of list ORACLE-L
Subject: Privileges and PL/SQL code




Hi list



I was wondering if there is any way to get the following to work:



User A owns all tables, users B,C own PL/SQL code to access A's tables.
To work with A's tables from user B and C, I would like to create a role to 
contain all the object privileges and grant these to B and C. 



Didn't use to work, since PL/SQL is not particularly interested in grants
received through roles.


But I don't really want to grant all privileges directly to B and C (and
many more users).



Is there a way in 9i that works better ? Any improvements I missed out on ?



Thanks in advance,


Stefan



 

-- 
Please see the official ORACLE-L FAQ: http://www.orafaq.net
-- 
Author: Stefan Jahnke
  INET: Stefan.Jahnke_at_bov.de

Fat City Network Services    -- 858-538-5051 http://www.fatcity.com
San Diego, California        -- Mailing list and web hosting services


---------------------------------------------------------------------

To REMOVE yourself from this mailing list, send an E-Mail message
to: ListGuru_at_fatcity.com (note EXACT spelling of 'ListGuru') and in
the message BODY, include a line containing: UNSUB ORACLE-L
(or the name of mailing list you want to be removed from).  You may
also send the HELP command for other information (like subscribing).



------_=_NextPart_001_01C349FE.26702D34

Content-Type: text/html;
	charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
<HTML>
<HEAD>
<META HTTP-EQUIV=3D"Content-Type" CONTENT=3D"text/html; =
charset=3Diso-8859-1">
<META NAME=3D"Generator" CONTENT=3D"MS Exchange Server version =
5.5.2654.45">
<TITLE>RE: Privileges and PL/SQL code</TITLE>
</HEAD>
<BODY>

<P><FONT SIZE=3D2>If you don't want to do that, create your pl/sql code =
under schema A and grant execute on those to B and C.</FONT>
</P>

<P><FONT SIZE=3D2>Sorry ... that's the only way to go ...</FONT>
</P>

<P><FONT SIZE=3D2>Raj</FONT>
<BR><FONT =
SIZE=3D2>---------------------------------------------------------------=


-----------------</FONT>

<BR><FONT SIZE=3D2>Rajendra dot Jamadagni at nospamespn dot com</FONT>
<BR><FONT SIZE=3D2>All Views expressed in this email are strictly =
personal.</FONT>
<BR><FONT SIZE=3D2>QOTD: Any clod can have facts, having an opinion is =
an art !</FONT>
</P>
<BR>

<P><FONT SIZE=3D2>-----Original Message-----</FONT>
<BR><FONT SIZE=3D2>From: Stefan Jahnke [<A =
HREF=3D"mailto:Stefan.Jahnke_at_bov.de">mailto:Stefan.Jahnke_at_bov.de</A>]</F=
ONT>
<BR><FONT SIZE=3D2>Sent: Monday, July 14, 2003 8:31 AM</FONT>
<BR><FONT SIZE=3D2>To: Multiple recipients of list ORACLE-L</FONT>
<BR><FONT SIZE=3D2>Subject: Privileges and PL/SQL code</FONT>
</P>
<BR>

<P><FONT SIZE=3D2>Hi list</FONT>
</P>

<P><FONT SIZE=3D2>I was wondering if there is any way to get the =
following to work:</FONT>
</P>

<P><FONT SIZE=3D2>User A owns all tables, users B,C own PL/SQL code to =
access A's tables.</FONT>
<BR><FONT SIZE=3D2>To work with A's tables from user B and C, I would =
like to create a role to </FONT>
<BR><FONT SIZE=3D2>contain all the object privileges and grant these to =
B and C. </FONT>
</P>

<P><FONT SIZE=3D2>Didn't use to work, since PL/SQL is not particularly =
interested in grants</FONT>
<BR><FONT SIZE=3D2>received through roles.</FONT>
<BR><FONT SIZE=3D2>But I don't really want to grant all privileges =
directly to B and C (and</FONT>
<BR><FONT SIZE=3D2>many more users).</FONT>
</P>

<P><FONT SIZE=3D2>Is there a way in 9i that works better ? Any =
improvements I missed out on ?</FONT>
</P>

<P><FONT SIZE=3D2>Thanks in advance,</FONT>
<BR><FONT SIZE=3D2>Stefan</FONT>
</P>
<BR>
<BR>

<P><FONT SIZE=3D2>&nbsp;</FONT>
<BR><FONT SIZE=3D2>-- </FONT>
<BR><FONT SIZE=3D2>Please see the official ORACLE-L FAQ: <A =
HREF=3D"http://www.orafaq.net" =
TARGET=3D"_blank">http://www.orafaq.net</A></FONT>
<BR><FONT SIZE=3D2>-- </FONT>
<BR><FONT SIZE=3D2>Author: Stefan Jahnke</FONT>
<BR><FONT SIZE=3D2>&nbsp; INET: Stefan.Jahnke_at_bov.de</FONT>
</P>

<P><FONT SIZE=3D2>Fat City Network Services&nbsp;&nbsp;&nbsp; -- =
858-538-5051 <A HREF=3D"http://www.fatcity.com" =
TARGET=3D"_blank">http://www.fatcity.com</A></FONT>
<BR><FONT SIZE=3D2>San Diego, =
California&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; -- Mailing list =
and web hosting services</FONT>
<BR><FONT =
SIZE=3D2>---------------------------------------------------------------=


------</FONT>

<BR><FONT SIZE=3D2>To REMOVE yourself from this mailing list, send an =
E-Mail message</FONT>
<BR><FONT SIZE=3D2>to: ListGuru_at_fatcity.com (note EXACT spelling of =
'ListGuru') and in</FONT>
<BR><FONT SIZE=3D2>the message BODY, include a line containing: UNSUB =
ORACLE-L</FONT>
<BR><FONT SIZE=3D2>(or the name of mailing list you want to be removed =
from).&nbsp; You may</FONT>
<BR><FONT SIZE=3D2>also send the HELP command for other information =
(like subscribing).</FONT>
</P>

</BODY>
</HTML>


------_=_NextPart_001_01C349FE.26702D34--





------=_NextPartTM-000-7b912388-5e83-4c28-ab4a-ed9ae9649d6e

Content-Type: text/plain;
	name="ESPN_Disclaimer.txt"
Content-Transfer-Encoding: 7bit
Content-Disposition: attachment;
	filename="ESPN_Disclaimer.txt"

********************************************************************This e-mail message is confidential, intended only for the named recipient(s) above and may contain information that is privileged, attorney work product or exempt from disclosure under applicable law. If you have received this message in error, or are not the named recipient(s), please immediately notify corporate MIS at (860) 766-2000 and delete this e-mail message from your computer, Thank you.*********************************************************************2


Received on Mon Jul 14 2003 - 06:50:41 CDT












Original text of this message













  HOME |
  ASK QUESTION |
  ADD INFO |
  SEARCH |
  E-MAIL US