Re: linux/sqlplus scripting to obscure permissions
Date: Wed, 14 Oct 2015 15:06:54 +0000 (UTC)
Message-ID: <687076344.226949.1444835214560.JavaMail.yahoo_at_mail.yahoo.com>
I see a theme here.. internal database code.. PL/SQL to the rescue! Thanks.. I'll give that a go.
From: "Deas, Scott" <Scott.Deas_at_lfg.com> To: "ckaj111_at_yahoo.ca" <ckaj111_at_yahoo.ca>; Oracle-l Digest Users <oracle-l_at_freelists.org> Sent: Wednesday, October 14, 2015 10:42 AM Subject: RE: linux/sqlplus scripting to obscure permissions
#yiv6982908686 #yiv6982908686 -- _filtered #yiv6982908686 {font-family:Helvetica;panose-1:2 11 6 4 2 2 2 2 2 4;} _filtered #yiv6982908686 {font-family:Helvetica;panose-1:2 11 6 4 2 2 2 2 2 4;} _filtered #yiv6982908686 {font-family:Calibri;panose-1:2 15 5 2 2 2 4 3 2 4;} _filtered #yiv6982908686 {font-family:Tahoma;panose-1:2 11 6 4 3 5 4 4 2 4;}#yiv6982908686 #yiv6982908686 p.yiv6982908686MsoNormal, #yiv6982908686 li.yiv6982908686MsoNormal, #yiv6982908686 div.yiv6982908686MsoNormal {margin:0in;margin-bottom:.0001pt;font-size:12.0pt;}#yiv6982908686 a:link, #yiv6982908686 span.yiv6982908686MsoHyperlink {color:blue;text-decoration:underline;}#yiv6982908686 a:visited, #yiv6982908686 span.yiv6982908686MsoHyperlinkFollowed {color:purple;text-decoration:underline;}#yiv6982908686 span.yiv6982908686EmailStyle17 {color:#1F497D;}#yiv6982908686 .yiv6982908686MsoChpDefault {font-size:10.0pt;} _filtered #yiv6982908686 {margin:1.0in 1.0in 1.0in 1.0in;}#yiv6982908686 div.yiv6982908686WordSection1 {}#yiv6982908686 Chris, Are you sure you want this controlled directly in the script? Would it make more sense to have a package do the work, and the users have access to execute the package? If you really do want to use the script, I would look into Oracle wallets if you want to hide the authentication of the script from the user, but my preference would be individual login accounts with access to execute the package (which gives you auditing options as a result). Thanks, Scott
From: oracle-l-bounce_at_freelists.org [mailto:oracle-l-bounce_at_freelists.org]On Behalf Of Chris King
Sent: Wednesday, October 14, 2015 10:27 AM
To: Oracle-l Digest Users
Subject: linux/sqlplus scripting to obscure permissions I've written two sql scripts which can be used to expand a tablespace. The intent is to make these scripts available to non-DBAs to manage potential off-hours issues. Because the scripts will be run by non-DBAs, I would like to modify them such that the user will not have direct passwords or database permissions, but just permission to execute the scripts. i.e. the scripts will handle all permission issues. I'm having trouble finding the details of how to do this both on the linux and oracle side of things. So far for Oracle, I've found the externally identified type accounts, but I'm concerned that this may not be secure. And for scripting on linux, I'm at a loss. Could someone point me in the right direction? Many thanks! Notice of Confidentiality: **This E-mail and any of its attachments may contain
Lincoln National Corporation proprietary information, which is privileged, confidential,
or subject to copyright belonging to the Lincoln National Corporation family of
companies. This E-mail is intended solely for the use of the individual or entity to
which it is addressed. If you are not the intended recipient of this E-mail, you are
hereby notified that any dissemination, distribution, copying, or action taken in
relation to the contents of and attachments to this E-mail is strictly prohibited
and may be unlawful. If you have received this E-mail in error, please notify the
sender immediately and permanently delete the original and any copy of this E-mail
and any printout. Thank You.**
-- http://www.freelists.org/webpage/oracle-lReceived on Wed Oct 14 2015 - 17:06:54 CEST