Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Usenet -> c.d.o.server -> Re: ODBC Security

Re: ODBC Security

From: Fuzzy <granta_at_nospam.student.canberra.edu.au>
Date: Tue, 06 Apr 1999 03:35:51 GMT
Message-ID: <370980ce.449309923@newshost.interact.net.au> 





On Wed, 31 Mar 1999 11:58:13 +1000, Rawender Guron
<rawender_at_rta.nsw.gov.au> wrote:



>An Oracle 7.3 server needs to be accessed from a Win95 PC running ACL


>software using ODBC. What are the security implications of this?


>


>I heard that ODBC throws away all security. I am not sure what it means.


>





Not true.  It uses whatever privileges have been granted to the
connecting user.  Note this includes the PUBLIC role, and this is what
many sites forget about, and then they wonder why their users can
browse every table in the instance.



Clean up PUBLIC, and control privileges normally, and there'll be no
problems.



Ciao


Fuzzy


#;-)

Received on Mon Apr 05 1999 - 22:35:51 CDT












Original text of this message













  HOME |
  ASK QUESTION |
  ADD INFO |
  SEARCH |
  E-MAIL US