Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Usenet -> c.d.o.misc -> Re: Question RE: GRANTS

Re: Question RE: GRANTS

From: <rtproffitt_at_my-dejanews.com>
Date: Thu, 06 May 1999 15:58:38 GMT
Message-ID: <7gse7b$2tu$1@nnrp1.deja.com>


A procedure executes with the rights of the OWNER which created it. When you EXEC the procedure, you are "becoming" the owner for an instant.

I would think that to prevent this, you must also REVOKE the rights which say:

     grant execute on Procname to User
Because you cannot guarantee knowing the rights of the Owner who compiled the procedure.

This can be dangerous or powerful depending on how you look at it. OWNER with DBA rights could write a procedure to create users, etc. and if EXECUTE was granted to public, then plain users have the power of DBA while the procedure was executing. On the other hand, if done carefully, it can be a powerful and useful tool to perform needed actions on behalf of the user.

Robert Proffitt
Beckman Coulter

-----------== Posted via Deja News, The Discussion Network ==---------- http://www.dejanews.com/ Search, Read, Discuss, or Start Your Own Received on Thu May 06 1999 - 10:58:38 CDT

Original text of this message

HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US