It is. Control access to the database via passwords. Application passwords
should not be given out to anyone, just the application.
--
Dave A
"Greg Stark" <greg-spare-1_at_mit.edu> wrote in message
news:873di6lrrt.fsf_at_HSE-MTL-ppp62507.qc.sympatico.ca...
>
> I have a wishlist feature I would love Oracle to support. In fact I'm
> surprised Oracle doesn't support it already. Perhaps there's a trick to
> accomplish what I want and I just don't know it?
>
> What I would like is to be able to set privileges such that my application
> cannot run _any_ query that doesn't have an outline already stored for it.
> Essentially what I want is to be able to guarantee that no code could
possibly
> go live without _every_ SQL query being analyzed and the plan approved by
a
> DBA. Any unapproved query should immediately get an error, not be run with
> some ad hoc query plan that could very well bring the whole application
down.
>
> It seems to me that anything less is simply inadequate for a production
> mission critical system. Given the types of applications that run on
Oracle
> I'm surprised this isn't a fundamental feature of the system since day 1.
>
> --
> greg
Received on Sun Oct 08 2000 - 22:04:13 CDT
