Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Usenet -> c.d.o.server -> Re: PL/SQL Package Execution Privileges

Re: PL/SQL Package Execution Privileges

From: Sybrand Bakker <postbus_at_sybrandb.demon.nl>
Date: Thu, 6 Feb 2003 19:33:19 +0100
Message-ID: <v45aj0fguiu613@corp.supernews.com>

"Jeremy Ovenden" <newspostings_at_hazelweb.co.uk> wrote in message news:MPG.18acb72f32609d49896b5_at_news.cis.dfn.de...
> In article

[snip]
> Thanks Norman - would be interested to see Sybrand's view on your
> approach?
>
> cheers!
>
> BTW is this a top-posting / bottom-posting / anywhere-posting gorup?
>
> --
>
> jeremy
>

This is a group which try to avoid wasting bandwith (too many people crosspost everything anyway and never search the archives) and tries to avoid the nasty habits of Outlook Express users to top-post.

While Norman's approach would work, provided the database doesn't crash during the alter user command, but I still don't want to do it. The owner of Norman's procedure would need to have alter user privilege. The password of the account would need to be a *real* password, and it would have to be frequently changed itself, because once the password IS compromised, and the compromising user has access to the database by using sql*plus, he/she can do everything. Dangers come from the outside *AND* the inside!!! You would need to disallow sql*plus access to the account, and in the end you are asking yourself: why don't we change the dratted passwords ourselves anyway? What's the difference?

Regards

--
Sybrand Bakker
Senior Oracle DBA

to reply remove '-verwijderdit' from my e-mail address
Received on Thu Feb 06 2003 - 12:33:19 CST

Original text of this message

HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US