Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Usenet -> c.d.o.server -> Re: Denying ODBS connections or restricting those users

Re: Denying ODBS connections or restricting those users

From: Ban Spam <ban-spam_at_operamail.com>
Date: Fri, 05 Oct 2001 00:09:34 GMT
Message-ID: <Xns9130AE8E73136SunnySD@24.0.3.73> 





jerra_at_aland.net (Jerra) wrote in 


news:3f495dc1.0110040339.5949d8be_at_posting.google.com:



> Are there any way of doing this? v$session to my knowledge does not

> store any information that could be used for this.

> 

> I could make a postlogon trigger that checked the program name that

> the user uses but that is not enough. Just to change the name of the

> exe file to bypass such a check.

> 

> My problem is users logging in via ODBC, some should be able to do

> this but not have access to the same tables they would have if they

> used the client program.

> Using Excel & MS Query would enable the user to practically dump the

> schema to the client.....if they have the same rights as if using the

> client program.

> 

> This is dangerous...

> 

> Best Regards

> Jerra

> 




With 8i+ which supports logon triggers, you could write
a logon trigger that checks V$SESSION.PROGRAM. If the
program is NOT on the approved white-list, terminate the
session.
Received on Thu Oct 04 2001 - 19:09:34 CDT












Original text of this message













  HOME |
  ASK QUESTION |
  ADD INFO |
  SEARCH |
  E-MAIL US