Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Usenet -> c.d.o.server -> Security Problem

Security Problem

From: Insoo Kang <ikang_at_gradine.cis.upenn.edu>
Date: 1997/04/08
Message-ID: <5ie413$mi7@netnews.upenn.edu>#1/1 







We have an application that allows you to delete and update records in
a table.  The problem is that a same user can login using sqlplus and
delete the entire records in a table.  In order to prevent this, I
came up with the following scheme: revoke table access privilege if
a user is connecting via sqlplus or any other applications.  



I can write a trigger that sends a message to a pro*c application that
revokes table access privilege, but the problem is that v$session is a
view not a table so I can't write a trigger based on v$session view.
Does anybody have a suggestion how I can accomplish this whether it be
through a trigger or some other means?



--Insoo
Received on Tue Apr 08 1997 - 00:00:00 CDT












Original text of this message













  HOME |
  ASK QUESTION |
  ADD INFO |
  SEARCH |
  E-MAIL US