Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Usenet -> c.d.o.server -> Re: Access Limitation

Re: Access Limitation

From: Andrew Allen <andrew.allen_at_handleman.com>
Date: Tue, 25 Feb 2003 15:36:05 GMT
Message-ID: <3E5B805A.9060604@handleman.com> 





Life Learner wrote:


> Hi there,

> 

> I'd like to know how to prevent end users from accessing system directly via

> sqlplus, toad etc, while let them do their work only in application level

> like forms, proc etc.




Put your application code in packages.


Grant execute on the packages to appropriate users.
As packages execute with the privileges of the owner, you can now remove 
all user level insert, update, and deletes -- select too, if you wish to 
go that far.


Problem solved -- you do not really care how your users execute your 
well constructed and packaged procedures because all edits, and controls 
are managed from within the package.



This is pretty much the only way to ensure that your system is secure 
from ad-hoc user updates.

--
AjA


Received on Tue Feb 25 2003 - 09:36:05 CST












Original text of this message













  HOME |
  ASK QUESTION |
  ADD INFO |
  SEARCH |
  E-MAIL US