Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Usenet -> c.d.o.server -> Re: Preventing SQLPLUS access?

Re: Preventing SQLPLUS access?

From: Nathan Hughes <nhughes_at_cerberus.umd.umich.edu>
Date: 1997/07/09
Message-ID: <5q1dhs$pch@cerberus.umd.umich.edu>#1/1 







Atul Ashar <aashar_at_usccmail.bms.com> writes:



>Hi Aram,

 


>I have had a similar situation. You are right about all non-oracle tools

>do not check User Product Profile.

 


>However, in your suggestion, user can start a session the way you are

>suggesting and then when you grant that role to the user, role is

>granted not just for the session. So, user can still connect to database

>using MS-Query with a different session before they disconnect from the

>session which granted them the role.

 


>How do you take care of that?




The User is granted one role as the default role - usually a db_login type
role that has only create session and alter session privs.  Any other roles
granted are NON default roles (and password protected).  The applicatino
enables the role (and passes the password, which the User knows nothign 
about), thus enabling the access. 



When the User logs in via SQL*Plus/Access/etc., they only get the privs 
granted to their default role - nothing.


-- 
/(o\ Nathan D. Hughes
\o)/ nhughes_at_umich.edu


Received on Wed Jul 09 1997 - 00:00:00 CDT












Original text of this message













  HOME |
  ASK QUESTION |
  ADD INFO |
  SEARCH |
  E-MAIL US