RE: Using SET CURRENT_SCHEMA for DDL and DCL

From: John Hallas <John.Hallas_at_morrisonsplc.co.uk>
Date: Mon, 17 Nov 2014 15:47:58 +0000
Message-ID: <EC65ECF8123FEE4D8FC5B212637C304001672DEAADDA_at_EXCH1.morrisonsplc.co.uk>

If anybody has the authority to login as SYSDBA then then could create the objects. Not everyone would have access to the users password so this is just a workaround

I am not sure I see a great problem with this. Probably not perfect but undoubtedly real-world

John

From: oracle-l-bounce_at_freelists.org [mailto:oracle-l-bounce_at_freelists.org] On Behalf Of Hemant K Chitale Sent: 16 November 2014 15:23
To: ORACLE-L
Subject: Using SET CURRENT_SCHEMA for DDL and DCL

I am familiar with ALTER SESSION SET CURRENT_SCHEMA to define the scope for all queries and DML in a current session. Thus schema "OWNER" can grant privileges to account "USER" and account "USER" can login as himself and invoke ALTER SESSION SET CURRENT_SCHEMA to define the scope for object-resolution without using Synonyms.

Have you seen or would you condone this :

CONNECT / AS SYSDBA
ALTER SESSION SET CURRENT_SCHEMA = 'HEMANT' CREATE TABLE XYZ
GRANT SELECT ON XYZ TO 'CHITALE'

Wm Morrison Supermarkets Plc is registered in England with number 358949. The registered office of the company is situated at Gain Lane, Bradford, West Yorkshire BD3 7DL. This email and any attachments are intended for the addressee(s) only and may be confidential.

If you are not the intended recipient, please inform the sender by replying to the email that you have received in error and then destroy the email. If you are not the intended recipient, you must not use, disclose, copy or rely on the email or its attachments in any way.

This email does not constitute a contract in writing for the purposes of the Law of Property (Miscellaneous Provisions) Act 1989.

Our Standard Terms and Conditions of Purchase, as may be amended from time to time, apply to any contract that we enter into. The current version of our Standard Terms and Conditions of Purchase is available at: http://www.morrisons.co.uk/gscop

Although we have taken steps to ensure the email and its attachments are virus-free, we cannot guarantee this or accept any responsibility, and it is the responsibility of recipients to carry out their own virus checks.

--
http://www.freelists.org/webpage/oracle-l

Received on Mon Nov 17 2014 - 16:47:58 CET

This message: [ Message body ]
Next message: Rajesh Aialavajjala: "Re: RDA"
Previous message: Ray Stell: "Re: RDA"
In reply to: Hemant K Chitale: "Using SET CURRENT_SCHEMA for DDL and DCL"
Next in thread: Hans Forbrich: "Re: Using SET CURRENT_SCHEMA for DDL and DCL"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ]

Original text of this message