Re: "Write once-Read many" table ?

From: <jm.scheiwiler_at_gmail.com>
Date: Thu, 28 Feb 2008 08:26:57 -0800 (PST)
Message-ID: <1b4de20d-59ea-4c97-afff-38b943ab0347@p25g2000hsf.googlegroups.com>


On Feb 28, 9:26 am, DA Morgan <damor..._at_psoug.org> wrote:
> jm.scheiwi..._at_gmail.com wrote:
> > Hello,
>
> > For legal reasons, we would like to create tables where one can
> > insert, select but never never delete nor update.
>
> > I know we can prevent delete and update with revoke grants or with
> > triggers but this is not satisfactory because grants can be re-granted
> > and triggers can be dropped.
>
> > We want to make sure that a line inserted will never be changed - even
> > by the owner of the schema or by SYS or by any powerful dba.
>
> > Is there a way to achieve this ?
> > Is there a module to ensure this (database vault...) ?
>
> > Thank you in advance
>
> > Jean-Michel
>
> You are incorrect in your assumptions.
>
> You can absolutely lock down a database with triggers so that grants
> can not be made: Even by SYS AS SYSDBA. Audit Vault and Database
> Vault are perfect examples of how to do this.
> --
> Daniel A. Morgan
> Oracle Ace Director & Instructor
> University of Washington
> damor..._at_x.washington.edu (replace x with u to respond)
> Puget Sound Oracle Users Groupwww.psoug.org

Thank you

Is it possible to lock down update and delete for a table forever ? (forever it the important word)
=> it is possible to ensure that these triggers will never be dropped by anyone with any privilege ? Received on Thu Feb 28 2008 - 10:26:57 CST

Original text of this message