RE: Security/Accounts in an Oracle development environment

Hey Paula,

Since I'm dealing with SQL Server 2K and 2K5 now, I can tell you that "easier" and "security model" don't necessarily mix, at least from the DBA's perspective.

Have you thought about creating a proc/package in the app schema to manage creation of the objects, since the proc would be invoked with owner's rights? For security, there's still a level of trust you'll need if you allow creation of procedures by this master procedure (e.g. dev could create a procedure to grant them full access on any object in that schema), and you should be able to find a few examples on the web. AUDIT is a good helper here, too...

Just a suggestion. I used to be in the same boat you're in, but without the ability to secure the app login password...

GL!
Rich

> Okay,
>
> Version: Oracle 8i - is it better in 10g???
> OS: Solaris
>
> This is driving me crazy and I cannot help thinking that SQL Server
> provides an easier security model.....
>
> In our development environment we set up schemas. Those schemas, of
> course, own all the objects associated with an application in a database.
>
> So, to provide read/write access (i.e. the ability to modify objects in
> that schema) the choices are:
>
> A-give that schema usercode/password (what if multiple developers?????) -
> we appoint an "application dba"
>
> B-give that person the ability to create any table, .... or any of the ***
> any privileges which to me is even worse.
>
> Is there an add-on, another option?
>
> Thanks,
> Paula

--
http://www.freelists.org/webpage/oracle-l