Oracle FAQ | Your Portal to the Oracle Knowledge Grid |
Home -> Community -> Usenet -> c.d.o.server -> Re: Access to LOB columns
In article <970424123.3435.0.nnrp-08.9e984b29_at_news.demon.co.uk>,
"Jonathan Lewis" <jonathan_at_jlcomp.demon.co.uk> wrote:
> Plan B:
>
> Create a function for each lob column that
> returns the lob locator, having set the lob
> to read only in the function. Create a view
> on top of the table which replaces the lob
> column with the lob locator.
>
> If the user tries to select for update, they
> will, but when they try to update the lob
> they will get error 22294 - cannot update
> a lob opened in read only mode.
This is true - except that the user can simply re-open the locator in write-mode. I'm afraid that I tried this approach as well...
It really does seem that once you have a locator, you can write to it; regardless of what's been done to the locator previously.
FWIW I also tried denying the user EXECUTE access to dbms_lob: that doesn't help because there are direct OCI calls for updating LOBs, which don't use the PL/SQL package.
thanks..
.robin.
Sent via Deja.com http://www.deja.com/
Before you buy.
Received on Tue Oct 03 2000 - 06:25:43 CDT