Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Mailing Lists -> Oracle-L -> RE: Using TOAD on production databases

RE: Using TOAD on production databases

From: Jesse, Rich <Rich.Jesse_at_quadtechworld.com>
Date: Tue, 17 Aug 2004 15:25:26 -0500
Message-ID: <FBE1FCA40ECAD41180400050DA2BC54004E93C79@qtiexch2.qgraph.com>


I understand and agree with your position, but it wasn't the point -- the point was allowing the sometimes dangerous ease of TOAD into a production DB with hopefully the least amount of destructive ability. It may be construed as security-through-obscurity (which is not security at all), but in some cases, it has it's place. It's orders of magnitude easier for a TOAD user to accidentally drop all tables in a schema than it is in SQL*Plus. And the Schema Browser is an accident that's waiting to happen. He11, I'm just happy that 9i doesn't allow an account with DELETE ANY TABLE to muck up the DD! :)

Rich

-----Original Message-----

Sent: Tuesday, August 17, 2004 1:59 PM
Subject: RE: Using TOAD on production databases

Rich,

Why in the world go through all of this? Why not do it the right way?
Why not use Oracle security as it is designed - do not grant any more access than a person needs.

I'll bet you a $100. Go ahead and set up security based on denial of access from Toad. Give me an Oracle account with full access to the database. And I'll be selling your database's data on e-bay in about 10 minutes.

It is simply foolish to attempt to apply security policy on an Oracle database based on the tool that a person connects with. Foolish and a waste of time.

Hope this helps.

Tom Mercadante
Oracle Certified Professional



Please see the official ORACLE-L FAQ: http://www.orafaq.com

To unsubscribe send email to: oracle-l-request_at_freelists.org put 'unsubscribe' in the subject line.
--
Archives are at http://www.freelists.org/archives/oracle-l/
FAQ is at http://www.freelists.org/help/fom-serve/cache/1.html

-----------------------------------------------------------------
Received on Tue Aug 17 2004 - 15:21:00 CDT

Original text of this message

HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US