Oracle FAQ | Your Portal to the Oracle Knowledge Grid |
Home -> Community -> Usenet -> c.d.o.server -> Re: 9iDB Security Hole?
In article <1019115403.14293.0.nnrp-07.9e984b29_at_news.demon.co.uk>, you
said (and I quote):
> How many systems still create users with:
> grant connect to userX identified by passwordX;
>
>
> Despite the fact that roles DBA, RESOURCE
> and CONNECT have been contra-indicated for the
> last 5 years or so.
>
> The CONNECT role includes the CREATE VIEW
> privilege.
You're right. I haven't used those in years in production systems. Since I found out the hard way one could create synonyms in V7 with just CONNECT. Use my own modified versions since then. One of the reasons Oracle consultants yell out that I "modify" the standard Oracle database dictionary in systems I take care of. Well, yes I do. In "little" unimportant things like this...
-- Cheers Nuno Souto nsouto_at_optushome.com.au.nospamReceived on Thu Apr 18 2002 - 07:06:33 CDT