RE: Privileges by session

From: Blanchard, William <>
Date: Thu, 7 Jan 2010 15:59:58 -0600
Message-ID: <>

That's the conundrum. They know the application passwords, there's no way around it. I need to lock them down to a read only session when they log on from sqlplus, SQL Developer, Toad, etc.

-----Original Message-----

From: Michael Fontana [] Sent: Thursday, January 07, 2010 3:58 PM To: Blanchard, William
Cc:; Jared Still Subject: Re: Privileges by session

But you said management told you they were to no longer have such privileges. IOW - They don't need them.

Game over.

Or are we missing something?

  • Original Message ----- From: "William Blanchard" <> To: "Jared Still" <> Cc: Sent: Thursday, January 7, 2010 3:49:35 PM GMT -06:00 US/Canada Central Subject: RE: Privileges by session

The application developers need the passwords for their applications. We have some old applications so there's no good way around this.

WGB From: Jared Still [] Sent: Thursday, January 07, 2010 3:48 PM To: Blanchard, William
Subject: Re: Privileges by session

On Thu, Jan 7, 2010 at 12:21 PM, Blanchard, William < > wrote:


I have convinced management to allow me to grant read-only access to the developers. The problem is that they know the application passwords and have been using those passwords to circumvent my controls. Is there a way via a Is there some reason the obvious solution wont' work?

That is, change the passwords.

It would seem the applications in question are not subject to SarbanesOxley,
HIPAA, PCI or any number of other legislated security policies. Jared Still
Certifiable Oracle DBA and Part Time Perl Evangelist Oracle Blog: Home Page:


Michael Fontana

Sr. Technical Consultant

Enkitec M: 214.912.3709



-- Received on Thu Jan 07 2010 - 15:59:58 CST

Original text of this message