Oracle FAQ | Your Portal to the Oracle Knowledge Grid |
Home -> Community -> Usenet -> c.d.o.server -> Re: Security Problem
The best solution (in my experience) just remove user's access to sqlplus. If it's possible, of course.
Regards, Alex Filonov
In <334EB195.51B4_at_gobora1.pdc.cummins.com>, Rob Quiles <rquiles_at_gobora1.pdc.cummins.com> writes:
>Insoo Kang wrote:
>>
>> We have an application that allows you to delete and update records in
>> a table. The problem is that a same user can login using sqlplus and
>> delete the entire records in a table. In order to prevent this, I
>> came up with the following scheme: revoke table access privilege if
>> a user is connecting via sqlplus or any other applications.
>>
>> I can write a trigger that sends a message to a pro*c application that
>> revokes table access privilege, but the problem is that v$session is a
>> view not a table so I can't write a trigger based on v$session view.
>> Does anybody have a suggestion how I can accomplish this whether it be
>> through a trigger or some other means?
>>
>> --Insoo
>
>Have you considered using the PRODUCT_USER_PROFILE table to restrict
>users when using SQL*Plus? If you run the PUPBLD.SQL script it will
>create the above table and you can disable commands, (temporarily)
>revoke role privileges, etc.
>
>--
>~~~~ Rob Quiles rquiles_at_tacticsus.com
>~~~ Tactics, Inc. rquiles_at_sprintmail.com
>~~ Atlanta/Charlotte/Memphis/Orlando
>~ http://www.tacticsus.com
Received on Sat Apr 26 1997 - 00:00:00 CDT