Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Usenet -> c.d.o.misc -> Re: Priviliges for SQL running inside a Procedure

Re: Priviliges for SQL running inside a Procedure

From: Phil Britton <phil.britton_at_prismtechnologies.com>
Date: 01 Dec 1999 10:35:57 +0000
Message-ID: <un1rvq776.fsf@prismtechnologies.com> 





Thomas Kyte <tkyte_at_us.oracle.com> writes:



> A copy of this was sent to "Daniel Reis" <dreis_at_capgemini.fr>


> (if that email address didn't require changing)


> On Mon, 29 Nov 1999 14:43:25 -0000, you wrote:


> 


> >SQL running inside a stored procedure runs with the permissions granted to


> >the procedures owner.


> >Is there a way to change this so that it runs with the caller's permissions


> >


> >TIA



> >


> >Daniel Reis


> >


> 


> 


> In Oracle8i, release 8.1, yes -- you can define a procedure with "authid


> current_user" which means that SQL and dynamic PLSQL calls are executed with the


> current privelege set (inclusive of roles) of the currently logged in user.


> 


> Prior to that -- no.


> 






However, if you call the procedures over JDBC, they aways execute with
callers privileges, not matter how they are defined. This is a known
bug which has been reported to Oracle and is in the bug database
awaiting repair,



cheers



Phil



--


Philip W. Britton


Productisation & Support Manager (Asset Lifecycle Databases)
PrismTech Ltd,  UK.


Tel +44 191 497 9919       http://www.prismtechnologies.com

Received on Wed Dec 01 1999 - 04:35:57 CST












Original text of this message













  HOME |
  ASK QUESTION |
  ADD INFO |
  SEARCH |
  E-MAIL US