Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Usenet -> c.d.o.misc -> Re: Security

Re: Security

From: Brett Neumeier <neumebm_at_hpd.abbott.com>
Date: 1997/09/10
Message-ID: <3416B0AB.8B058F24@hpd.abbott.com>#1/1 







> Bearing in mind that when you grant a user access to us tables via Oracle

> Forms this give them access to the database through other tools eg ODBC,

> SQLPlus has anyone any ideas on how to limit access just to Forms4.5 and

> perhaps Discoverer 2000




I haven't tried this, but possibly you could have the privileges encapsulated



in a role which is not enabled by default and which has a password?
(e.g.:


create role my_privilege_set identified by my_password;
grant my_privilege_set to a_user;


alter user a_user default role all except my_privilege_set;)



Then the role could be enabled by the Forms front-end upon connection to
the database. The password would have to be stored somewhere within
the front-end (or possibly in a parameter file or some such thing),
unfortunately; there is always a potential security problem when you
store a database in clear text anywhere.



-bn


neumebm_at_hpd.abbott.com
Received on Wed Sep 10 1997 - 00:00:00 CDT












Original text of this message













  HOME |
  ASK QUESTION |
  ADD INFO |
  SEARCH |
  E-MAIL US