Re: "Write once-Read many" table ?
Date: Thu, 28 Feb 2008 00:26:49 -0800
> For legal reasons, we would like to create tables where one can
> insert, select but never never delete nor update.
> I know we can prevent delete and update with revoke grants or with
> triggers but this is not satisfactory because grants can be re-granted
> and triggers can be dropped.
> We want to make sure that a line inserted will never be changed - even
> by the owner of the schema or by SYS or by any powerful dba.
> Is there a way to achieve this ?
> Is there a module to ensure this (database vault...) ?
> Thank you in advance
You are incorrect in your assumptions.
You can absolutely lock down a database with triggers so that grants can not be made: Even by SYS AS SYSDBA. Audit Vault and Database Vault are perfect examples of how to do this.
-- Daniel A. Morgan Oracle Ace Director & Instructor University of Washington damorgan_at_x.washington.edu (replace x with u to respond) Puget Sound Oracle Users Group www.psoug.orgReceived on Thu Feb 28 2008 - 02:26:49 CST