Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Usenet -> c.d.o.server -> Client application connects as schema owner - opinions please

Client application connects as schema owner - opinions please

From: Paul Brewer <paul_at_paul.brewers.org.uk>
Date: Mon, 22 Apr 2002 21:20:47 +0100
Message-ID: <3cc5aa01_1@mk-nntp-1.news.uk.worldonline.com> 





Oracle 8.1.7EE on hp11


(not that I think it's relevant in this case, but it's a good habit to quote

version).



I'd appreciate your thoughts: We are a DBA team in in a large project,
multi-team environment.



We have been supplied with a bespoke application developed by a software
house, which we are expecting to put into production in about 6 months from
now.



One of the client-side executables is a 'Sys Admin' module, which we am
told, 'must' connect as the schema owner (username and password are, we're
told, hard coded in the app - this is, we feel, sub-optimal, to say the
least).



Until now, our general practice (we run many Oracle databases) has been to
create an 'app-owner' user, and a number of 'app-user' type roles. We do
*not* disclose the app-owner passwords to anyone outside the DBA group,
either for development or production dbs.



Even leaving aside production for the moment, in the development environment
one reason for this is that if anyone can drop or alter tables, our version
control goes down the drain. If we (the DBA team) are responsible (which we
are) for ensuring that changes to multiple incarnations of the database


(development, system test, integration test, acceptance test and so forth)

are implemented correctly and consistently at different times, then it is
imperitive that we can control these changes as they are made. It seems to
us that if we surrender control of the 'app-owner' password, we will in the
long run be doing a disservice to our developers, as anarchy will doubtless
result.



On these (and numerous other) grounds, our inclination is to *insist* that
the offending module be changed to connect as a 'sysadmin' user, which we
will happily create, with whatever privileges are necessary to execute the
app successfully (but of course no more).



In the (expected) event that the third-party developers say they can't do
this.. it'll cost more.. it's a new requirement.. we're inclined to say that
this comes within the scope of being defective.



Are we being sane, or unreasonable?



I'd welcome any (constructive) comments or criticism on this.



Thanks in advance.



Paul


P.S. This is not college homework, it's a real world dilemma.
Received on Mon Apr 22 2002 - 15:20:47 CDT












Original text of this message













  HOME |
  ASK QUESTION |
  ADD INFO |
  SEARCH |
  E-MAIL US