RE: VPD with column masking

From: Kenneth Naim <kennaim_at_gmail.com>
Date: Tue, 20 Oct 2009 12:09:49 -0400
Message-ID: <01e901ca519f$c1e4fce0$45aef6a0$_at_com>

Yes it can be done. The function will be run by every user selecting from the table, so execute on the function should be granted to public. Within the function you can check for a list of hard coded users, or have it lookup the data in a table (which should be protected against changes using fga) or you can use a db role that can be granted to users, and check dba/all_role_privs.

Ken

From: oracle-l-bounce_at_freelists.org [mailto:oracle-l-bounce_at_freelists.org] On Behalf Of J. Dex
Sent: Tuesday, October 20, 2009 11:10 AM To: oracle-l_at_freelists.org
Subject: VPD with column masking

Using VPD with column masking, is it possible to set up a function/policy so it only applies to a small percentage of the users in the database?

I have a main schema with all the tables under that schema. I want a few of the users (not everyone) to only be able to look at some of the data that resides in those tables under that main schema. Is it possible to apply a function and policy to work that way? What is the best way to do that?

Hotmail: Free, trusted and rich email service. Get it <http://clk.atdmt.com/GBL/go/171222984/direct/01/> now.

--
http://www.freelists.org/webpage/oracle-l

Received on Tue Oct 20 2009 - 11:09:49 CDT

This message: [ Message body ]
Next message: Kenneth Naim: "RE: OEM"
Previous message: Dan Norris: "Re: 11gR1 on MacOSX"
In reply to: J. Dex: "VPD with column masking"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ]

Original text of this message