Oracle FAQ | Your Portal to the Oracle Knowledge Grid |
Home -> Community -> Usenet -> c.d.o.misc -> Re: Question RE: GRANTS
A procedure executes with the rights of the OWNER
which created it. When you EXEC the procedure,
you are "becoming" the owner for an instant.
I would think that to prevent this, you must also REVOKE the rights which say:
grant execute on Procname to User
Because you cannot guarantee knowing the rights
of the Owner who compiled the procedure.
This can be dangerous or powerful depending on how you look at it. OWNER with DBA rights could write a procedure to create users, etc. and if EXECUTE was granted to public, then plain users have the power of DBA while the procedure was executing. On the other hand, if done carefully, it can be a powerful and useful tool to perform needed actions on behalf of the user.
Robert Proffitt
Beckman Coulter
-----------== Posted via Deja News, The Discussion Network ==---------- http://www.dejanews.com/ Search, Read, Discuss, or Start Your Own Received on Thu May 06 1999 - 10:58:38 CDT