Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Usenet -> c.d.o.misc -> Re: ODBC ignores priveleges?

Re: ODBC ignores priveleges?

From: Gerard Tromp <tromp_at_sanger.med.wayne.edu>
Date: Sat, 26 Jun 1999 00:25:28 -0400
Message-ID: <37745638.B1F3CF76@sanger.med.wayne.edu>


(Courtesy copy to tkyte_at_us.oracle.com, "Sybrand Bakker" <postbus_at_sybrandb.demon.nl> )

Thanks to all who replied.

        Thomas was correct in that nothing should be able to bypass 'security'. That was my assumption but I needed some guidance to find the problem. Learned some more about administration: auditing helped resolve the fact that as Sybrand Bakker suggested there was a pesky 'select any table' privelege hidden in a role. Kevin Loney and Rachel Carmichael's book with scripts (ORACLE: SQL & PL/SQL Annotated Archives) was useful in helping to display the priveleges neatly.

        Apologies for bothering everyone.

Thomas Kyte wrote:
>
> select USER from dual
>
> via odbc and see who the odbc driver is logging in as. Perhaps you have stored
> a fixed username/password wit the odbc setup.
>
> odbc, nor anything, can bypass 'security'. You must be logging in as someone
> you are not expecting to be logged in as.
>
> A copy of this was sent to Gerard Tromp <tromp_at_sanger.med.wayne.edu>
> (if that email address didn't require changing)
> On Thu, 24 Jun 1999 13:42:28 -0400, you wrote:
>

[snip]

--

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
Gerard Tromp, Ph.D.
CMMG, Wayne State University    vox:	313-577-8773
3116, Scott Hall		fax: 	313-577-5218
540 E Canfield Ave		e-mail: tromp_at_sanger.med.wayne.edu
Detroit, MI 48201                       gtromp_at_cmb.biosci.wayne.edu
Received on Fri Jun 25 1999 - 23:25:28 CDT

Original text of this message

HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US