Oracle FAQ | Your Portal to the Oracle Knowledge Grid |
Home -> Community -> Usenet -> c.d.o.server -> Re: Access Limitation
Life Learner wrote:
> Hi there,
>
> I'd like to know how to prevent end users from accessing system directly via
> sqlplus, toad etc, while let them do their work only in application level
> like forms, proc etc.
Put your application code in packages.
Grant execute on the packages to appropriate users.
As packages execute with the privileges of the owner, you can now remove
all user level insert, update, and deletes -- select too, if you wish to
go that far.
Problem solved -- you do not really care how your users execute your
well constructed and packaged procedures because all edits, and controls
are managed from within the package.
This is pretty much the only way to ensure that your system is secure from ad-hoc user updates.
-- AjAReceived on Tue Feb 25 2003 - 09:36:05 CST