Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Mailing Lists -> Oracle-L -> 9iR2, grant select on a column (without using views) using RLS

9iR2, grant select on a column (without using views) using RLS

From: rahul <rahul_at_infotech.co.id>
Date: Fri, 22 Aug 2003 22:34:27 -0800
Message-ID: <F001.005CC8BF.20030822223427@fatcity.com>


list, i'm ikn the process of designing security for a highly sensitive schema for a bank,

plan:
have multiple oracle users, and use roles, and grant minimum required privs, all the user/role/privs management coded in the application (with in turn would create the db role and user etc)

probolem:
i cannot do a "grant select(col1)on tabname to role1", as select grant on a column level is not supported, to workaround this i must

  1. use views and include all the columns granted seleted privs for a user, then give grant select on this view to user.
  2. somehow use RLS ??

TIA
-Rahul

--

Please see the official ORACLE-L FAQ: http://www.orafaq.net
--

Author: rahul
  INET: rahul_at_infotech.co.id

Fat City Network Services    -- 858-538-5051 http://www.fatcity.com
San Diego, California        -- Mailing list and web hosting services

---------------------------------------------------------------------
To REMOVE yourself from this mailing list, send an E-Mail message
to: ListGuru_at_fatcity.com (note EXACT spelling of 'ListGuru') and in the message BODY, include a line containing: UNSUB ORACLE-L (or the name of mailing list you want to be removed from). You may also send the HELP command for other information (like subscribing). Received on Sat Aug 23 2003 - 01:34:27 CDT

Original text of this message

HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US