Oracle FAQ Your Portal to the Oracle Knowledge Grid

Home -> Community -> Mailing Lists -> Oracle-L -> New two part paper on Row Level Security

New two part paper on Row Level Security

From: Pete Finnigan <>
Date: Mon, 10 Nov 2003 05:04:33 -0800
Message-ID: <>

Hi everyone,

I have recently written a paper on row level security in Oracle for publication by security focus. This paper is a two part paper and the first part is published, the second part will be published later this week.

part one introduces row level security, talks about the various names it has and also why you might want to use it with listed advantages. I go on to talk about how it works and how to implement a simple example working through the various steps with example code. I then go on to test the example with differing scenarios to check it performs against the business rules defined. I talk about a couple of issues and tips.

part two goes on to look into how to explore the database looking at what row level security settings are in use or indeed if it is in use, by querying v$ views, I also discuss how to use the dictionary views to understand the setup and then go on to explore how to derive the SQL including predicate from the database and also how to see if row level security is in use by inference. I also discuss some of the issues with its use. As usual I also throughout make suggestions about protecting what configuration can be read from the database.

A link to part one can be found here:

kind regards


Pete Finnigan
Web site: - Oracle security audit specialists Book:Oracle security step-by-step Guide - see for details.


Please see the official ORACLE-L FAQ:

Author: Pete Finnigan

Fat City Network Services    -- 858-538-5051
San Diego, California        -- Mailing list and web hosting services
To REMOVE yourself from this mailing list, send an E-Mail message to: (note EXACT spelling of 'ListGuru') and in the message BODY, include a line containing: UNSUB ORACLE-L (or the name of mailing list you want to be removed from). You may also send the HELP command for other information (like subscribing). Received on Mon Nov 10 2003 - 07:04:33 CST

Original text of this message