Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Mailing Lists -> Oracle-L -> RE: Why does Oracle ignore role-based privs in procedures?

RE: Why does Oracle ignore role-based privs in procedures?

From: Looney, Jason <Jason.Looney_at_echostar.com>
Date: Wed, 3 Aug 2005 09:22:35 -0600
Message-ID: <B8C9CF34B3F7164282C8610C93BB94AF0E1FE775@riv-exchb1.echostar.com> 





I believe this is due to the fact that some roles require passwords to
enable them, and some roles are not enabled by default.  This means that the
only guaranteed privileges that it can compile with are the ones assigned to
the user, no roles.  This is why invoker rights were developed.



Also, I'm pretty confident that in 10g this isn't fixed.  It is as designed.
I'll verify this and let you know.



Jason.



-----Original Message-----


From: oracle-l-bounce_at_freelists.org [mailto:oracle-l-bounce_at_freelists.org]
On Behalf Of Greg Norris


Sent: Wednesday, August 03, 2005 9:00 AM
To: oracle-l_at_freelists.org


Subject: Re: Why does Oracle ignore role-based privs in procedures?



On 8/3/05, Jesse, Rich <Rich.Jesse_at_quadtechworld.com> wrote:


> Why would role-based security be disabled in procedures?  There must be

> a security issue here, but I'm not seeing it offhand.




I always assumed that it was somehow related to excessive levels of
stuponitron emissions. ;-)


-- 
"I'm too sexy for my code." - Awk Sed Fred.
--
http://www.freelists.org/webpage/oracle-l
--
http://www.freelists.org/webpage/oracle-l


Received on Wed Aug 03 2005 - 10:24:40 CDT












Original text of this message













  HOME |
  ASK QUESTION |
  ADD INFO |
  SEARCH |
  E-MAIL US