Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Mailing Lists -> Oracle-L -> RE: PUP table

RE: PUP table

From: Reardon, Bruce (CALBBAY) <Bruce.Reardon_at_comalco.riotinto.com.au>
Date: Fri, 13 Aug 2004 14:00:19 +1000
Message-ID: <E10A27083F21674ABFAF6CD3D0BAC2F9016835@calbbsv025.cal.riotinto.org>


You can do with after logon on database trigger eg as per http://www.orafaq.com/scripts/security/notoad.txt

Note - sys can still connect
And, someone can just alter the name of client application to get around = it

SQL> CREATE OR REPLACE TRIGGER block_access   2 AFTER LOGON ON DATABASE
  3 BEGIN
  4 =20
  5 RAISE_APPLICATION_ERROR(-20000, 'No one can connect');   6 end;
  7 /

Trigger created.

SQL> show errors
No errors.
SQL> connect usera_at_db
Enter password:=20
ERROR:

ORA-00604: error occurred at recursive SQL level 1
ORA-20000: No one can connect
ORA-06512: at line 3


Warning: You are no longer connected to ORACLE. SQL> connect sys_at_db
Enter password:=20
Connected.
SQL>=20 SQL> drop trigger userb.block_access;

Trigger dropped.

SQL> connect usera_at_db
Enter password:=20
Connected.
SQL>=20
SQL>=20 HTH,
Bruce Reardon

-----Original Message-----
[mailto:oracle-l-bounce_at_freelists.org]On Behalf Of Tim Gorman Sent: Friday, 13 August 2004 1:49 PM

Unfortunately (or rather, fortunately), a failure in an AFTER LOGON = trigger
does not do anything to interfere with the session...

   SQL> connect scott/tiger
   Connected.
   SQL> create or replace trigger x

     2          after logon
     3          on schema
     4  begin
     5          raise_application_error(-20000, 'raise error');
     6  end x;
     7  /

   Trigger created.

   SQL> connect scott/tiger
   Connected.
   SQL>=20 However, in the "alert.log", it says:

   Thu Aug 12 21:43:03 2004
   Errors in file /Users/oracle/base/admin/TST1/udump/tst1_ora_8963.trc:

   ORA-00604: error occurred at recursive SQL level 1
   ORA-20000: AFTER LOGIN trigger exception
   ORA-06512: at line 2

And the trace file isn't much more helpful than that...


NOTICE
=20

This e-mail and any attachments are private and confidential and=20 may contain privileged information
=20

If you are not an authorised recipient, the copying or distribution=20 of this e-mail and any attachments is prohibited and you must not=20 read, print or act in reliance on this e-mail or attachments
=20

This notice should not be removed




Please see the official ORACLE-L FAQ: http://www.orafaq.com

To unsubscribe send email to: oracle-l-request_at_freelists.org put 'unsubscribe' in the subject line.
--
Archives are at http://www.freelists.org/archives/oracle-l/
FAQ is at http://www.freelists.org/help/fom-serve/cache/1.html
-----------------------------------------------------------------
Received on Thu Aug 12 2004 - 22:56:09 CDT

Original text of this message

HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US