Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Usenet -> c.d.o.misc -> ODBC Bypassing Oracle's Security :-(

ODBC Bypassing Oracle's Security :-(

From: Brian Graham <grahamb_at_qouest.net>
Date: 1998/03/17
Message-ID: <350EA54B.594@qouest.net>#1/1 







I've set up an Oracle account where I've granted select priviledges
only on the desired tables. I've then set up synonyms to the tables.



  When I used ODBC32 and MsAccess '95, I find that I can update the
owner's tables directly, and via the synonyms I created. Again, the key
word is UPDATE. I wanted read-only access.



  I've already tried adding a entries into PRODUCT_USER_PROFILE
disabling updates and ODBC but that didn't resolve the issue. We are
using Oracle7 32 bit ODBC driver (production) 2.5.3.1.0B .



  Any suggestions? I don't intend to turn an inexperienced user loose
under these conditions. The intent here is to have LINKS to the tables,
so the user gets updated information. For now I guess I have to go with
snapshots of the database..

-- 
Brian Graham (grahamb_at_qouest.net)


Received on Tue Mar 17 1998 - 00:00:00 CST












Original text of this message













  HOME |
  ASK QUESTION |
  ADD INFO |
  SEARCH |
  E-MAIL US