Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Mailing Lists -> Oracle-L -> RE: PERMISSIONS: Viewing, Altering and executing stored procedures/packages/functions

RE: PERMISSIONS: Viewing, Altering and executing stored procedures/packages/functions

From: Leonard, George <GLeonard_at_wesbank.co.za>
Date: Mon, 7 Feb 2005 14:31:51 +0200
Message-ID: <1831A554E8800049B6B970790D2513C001C361D3@fnbkrkmx01.fnb.co.za>


Hmm

Now that I think about it, the view covers the viewing of code, but does not do anything for the problem if they can execute code they can alter it and this is one of our big problems...

George

=20________________________________________________
George Leonard
Oracle Database Administrator
New Dawn Technologies @ Wesbank
E-mail:gleonard_at_wesbank.co.za
=20
You Have The Obligation to Inform One Honestly of the risk, And As a Person
You Are Committed to Educate Yourself to the Total Risk In Any Activity! Once Informed & Totally Aware of the Risk, Every Fool Has the Right to Kill or Injure Themselves as They See Fit! =20

-----Original Message-----
From: rjamya [mailto:rjamya_at_gmail.com]=20 Sent: 07 February 2005 14:03 PM
To: Leonard, George
Cc: Oracle L (E-mail); Desplace, Laura
Subject: Re: PERMISSIONS: Viewing, Altering and executing stored procedures/packages/functions

create a system owned view dba$source as select * from xxx_source and then allow developers select from it. In fact, create a private synonym for each of them ...

create or replace duh_1.dba_source for system.dba$source /

create or replace duh_1.all_source for system.dba$source /

That should do the trick ... then you don't have to give 'execute any' privilege, just select on dba$source will do.

Raj

On Mon, 7 Feb 2005 11:10:48 +0200, Leonard, George <GLeonard_at_wesbank.co.za> wrote:
> Hi all
>=20
> My Developers are at it again.
>=20
> Is there any way I can let people see and execute code without being
> able to alter it?
>=20
> Currently giving execute on code gives them permission to alter it and
> we want to stop this,
>=20
> Help please!!!
>=20
> George
> =3D20________________________________________________
> George Leonard
> Oracle Database Administrator
> New Dawn Technologies @ Wesbank
> E-mail:gleonard_at_wesbank.co.za
> =3D20
> You Have The Obligation to Inform One Honestly of the risk, And As a
> Person
> You Are Committed to Educate Yourself to the Total Risk In Any
Activity!
> Once Informed & Totally Aware of the Risk,
> Every Fool Has the Right to Kill or Injure Themselves as They See Fit!
> =3D20
>=20
>



_=3D
> __________________________
>=20
> The views expressed in this email are, unless otherwise stated, those
of =3D
> the author and not those
> of the FirstRand Banking Group an Authorised Financial Service
Provider o=3D
> r its management.
> The information in this e-mail is confidential and is intended solely
for=3D
> =3D20the addressee.
> Access to this e-mail by anyone else is unauthorised.
> If you are not the intended recipient, any disclosure, copying,
distribut=3D
> ion or any action taken or=3D20
> omitted in reliance on this, is prohibited and may be unlawful.
> Whilst all reasonable steps are taken to ensure the accuracy and
integrit=3D
> y of information and data=3D20
> transmitted electronically and to preserve the confidentiality
thereof, n=3D
> o liability or=3D20
> responsibility whatsoever is accepted if information or data is, for
what=3D
> ever reason, corrupted=3D20
> or does not reach its intended destination.
>=20
> =3D20 ________________________________
> --
> http://www.freelists.org/webpage/oracle-l
>=20

--=20



select standard_disclaimer from company_requirements where category =3D 'MANDATORY';
_________________________________________________________________________=
__________________________


The views expressed in this email are, unless otherwise stated, those of = the author and not those
of the FirstRand Banking Group an Authorised Financial Service Provider o= r its management.
The information in this e-mail is confidential and is intended solely for= =20the addressee.
Access to this e-mail by anyone else is unauthorised. If you are not the intended recipient, any disclosure, copying, distribut= ion or any action taken or=20
omitted in reliance on this, is prohibited and may be unlawful. Whilst all reasonable steps are taken to ensure the accuracy and integrit= y of information and data=20
transmitted electronically and to preserve the confidentiality thereof, n= o liability or=20
responsibility whatsoever is accepted if information or data is, for what= ever reason, corrupted=20
or does not reach its intended destination.

=20                              ________________________________
--
http://www.freelists.org/webpage/oracle-l
Received on Mon Feb 07 2005 - 07:34:48 CST

Original text of this message

HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US