| Oracle FAQ | Your Portal to the Oracle Knowledge Grid | |
 |
 | |||
| Oracle FAQ | Your Portal to the Oracle Knowledge Grid | |
|
| |||
Home -> Community -> Usenet -> c.d.o.misc -> Re: Oracle security vulnerability, nuisance, or paranoia?
Thomas Kyte wrote:
...
>
> So, I can simplify your example into
>
> SQL> lock table T1;
>
>
> However, that aside, if your primary goal is to prevent select for
updates --
> you might be able to do something similar to this:
...
> ops$tkyte_at_ORA9IR2> create or replace view v
> 2 as
> 3 select x from t order by x;
>
> Thomas Kyte
> Oracle Public Sector
> http://asktom.oracle.com/
> opinions are my own and may not reflect those of Oracle Corporation
Casey:
Tom,
Thanks - very clear... and your LOCK TABLE point pretty much sealed the deal (my only remaining *sheepish* objection is semantic; I'd prefer the "FOR UPDATE" token were instead "LOCKING ROWS" or some such).
Your VIEW suggestion also hits the nail on the head for a solution - however, this is a large enough table (1E6 rows) that if a lot of users were doing table scans, the sorting overhead could quickly become a problem. Also, my manager (who honest-to-god feels that relational databases are largely convenient storage/access devices for flat files) "fears" DDL (and the notion of table renames, insert triggers, and transaparent views are new and frightening).
Since my management does not "fear" simple software changes to our code, I'm considering an approach of changing our code from a
CURSOR C1_CUR IS
SELECT * FROM T1
WHERE <conditions>
FOR UPDATE
UNLOCKED ONLY;
where "UNLOCKED ONLY" is like a sister command to "NOWAIT" which simply
ignores any rows which cannot be acquired without a NOWAIT violation?
Or would there be data integrity violations down that road?
Received on Tue Jan 11 2005 - 10:03:16 CST
 |
 |