Oracle FAQ | Your Portal to the Oracle Knowledge Grid |
Home -> Community -> Usenet -> c.d.o.server -> Re: Security problem
I don't think that at the serverside Oracle can reliably detect what client
program is sending a command, so this can be no basis for a security scheme.
What I think you should do:
In this way end users can use the client software, but cannot themselves use
DML on the tables directly.
Maybe using stored procedures is already enough security and there is no
need for a secret parameter.
Jaap.
Sex_appeal heeft geschreven in bericht <87e9ri$kos$1_at_lola.ctv.es>...
>Hi,
>¿How can I avoid the user uses any application to access the database
>instead my application?
>I have some row level security tables, and I don't want to use views
>(performance reasons), so I have to improve security at application
>level, but If the users access the database with any other application
>(like SQL explorer), they could get any information within the table.
>¿Is there any way to avoid it?
>
>Thanks!
>
>
Received on Fri Feb 04 2000 - 06:27:00 CST