Oracle FAQ | Your Portal to the Oracle Knowledge Grid |
Home -> Community -> Usenet -> c.d.o.server -> Re: Permissions on stored code
>Grant them select on sys.dba_source and sys.dba_triggers and they will have
>read-only access to the code.
hi,
This is a security risk as doing this would give your developers access to all source and trigger details in the database not just the source of the APPLICATION user. A better solution would be to create a view in the application users schema that copied user_source and user_triggers for the application user and grant select access on those views to the developer users.
There are plenty of security checklists on my web site http://www.petefi nnigan.com/orasec.htm if you are interested.
kind regards
Pete
-- Pete Finnigan email:pete_at_petefinnigan.com Web site: http://www.petefinnigan.com - Oracle security audit specialists Book:Oracle security step-by-step Guide - see http://store.sans.org for details.Received on Wed Jan 07 2004 - 15:52:30 CST