Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Usenet -> c.d.o.server -> Re: Permissions on stored code

Re: Permissions on stored code

From: Pete Finnigan <plsql_at_petefinnigan.com>
Date: Wed, 7 Jan 2004 21:52:30 +0000
Message-ID: <X5OlmjAe+H$$Qxko@peterfinnigan.demon.co.uk> 





>Grant them select on sys.dba_source and sys.dba_triggers and they will have

>read-only access to the code.




hi,



This is a security risk as doing this would give your developers access
to all source and trigger details in the database not just the source of
the APPLICATION user. A better solution would be to create a view in the
application users schema that copied user_source and user_triggers for
the application user and grant select access on those views to the
developer users.



There are plenty of security checklists on my web site http://www.petefi
nnigan.com/orasec.htm if you are interested.



kind regards



Pete

-- 
Pete Finnigan
email:pete_at_petefinnigan.com
Web site: http://www.petefinnigan.com - Oracle security audit specialists
Book:Oracle security step-by-step Guide - see http://store.sans.org for details.


Received on Wed Jan 07 2004 - 15:52:30 CST












Original text of this message













  HOME |
  ASK QUESTION |
  ADD INFO |
  SEARCH |
  E-MAIL US