Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Usenet -> c.d.o.misc -> Re: Oracle Applications DBA question

Re: Oracle Applications DBA question

From: Daniel Morgan <damorgan_at_x.washington.edu>
Date: Sat, 04 Sep 2004 07:32:42 -0700
Message-ID: <1094308422.805724@yasure> 





Andrew wrote:



> Is there any guidelines whether end users allowed to use sql*plus or

> similar tools to query database. We use Oracle Applicatons 11i. End

> users could use Discoverer to create reports and it use same security

> as OA. If end users want to use sql*plus, we need to set up roles or

> something like that to limit their access. I'm just curious what other

> shop do. Should we allow users to use sql*plus? Thanks.




I would rather put a loaded gun into the hands of an end-user than give
him or her access to SQL*Plus.



Even if you assume that you have created a read-only access they are
still more than capable of any of the following:



    
  
  1.   Cartesian products
  
  2.   Invalid joins
  
  3.   Inability to format results
  
  4.   Inability to construct a SQL statement
  
  5.   Inability to repeat a SQL statement the same way next time






And most are far more creative than that.



Remember their inaccurate result sets will be used to decide your
fate in that they will be used to make business decisions.



My suggestion would be to get Oracle Discoverer or a similar
product such as Business Objects and create an end-user layer
and tools they can use for constructing their queries.


-- 
Daniel A. Morgan
University of Washington
damorgan_at_x.washington.edu
(replace 'x' with 'u' to respond)


Received on Sat Sep 04 2004 - 09:32:42 CDT












Original text of this message













  HOME |
  ASK QUESTION |
  ADD INFO |
  SEARCH |
  E-MAIL US