Re: Would this work? Security
Date: Fri, 08 Sep 2000 16:55:13 GMT
Message-ID: <8pb5l5$31t$1_at_nnrp1.deja.com>
Hi
But if the user uses a 3rd part tool, he will not be constrained...
In article <4t1u5.21854$r4.11599_at_news.indigo.ie>,
"Conan" <conan_at_<no-spam>as-if.com> wrote:
> Hi Mike,
> look through your Oracle Documentation for PRODUCT_USER_PROFILE,
> basically what this does is to allow an administrator select which
commands
> are available to users for specific products.
>
> to quote from the sqlplus user manual
>
> "PRODUCT_USER_PROFILE Table
> Various Oracle products use PRODUCT_USER_PROFILE, a table in the
SYSTEM
> account, to provide product-level security that supplements the user-
level
> security provided by the SQL GRANT and REVOKE commands and user
roles. (SET
> ROLE requires Oracle7.)
>
> Overview
> DBAs can use PRODUCT_USER_PROFILE to disable certain SQL and SQL*Plus
> commands in the SQL*Plus environment on a per-user basis. SQL*Plus--
not
> Oracle--enforces this security. DBAs can even restrict access to the
GRANT,
> REVOKE, and SET ROLE commands to control users' ability to change
their
> database privileges.
> SQL*Plus reads restrictions from PRODUCT_USER_PROFILE when a user
logs in to
> SQL*Plus and maintains those restrictions for the duration of the
session.
> Changes to PRODUCT_USER_PROFILE will only take effect the next time
the
> affected users log in to SQL*Plus."
>
> HTH
>
> Conan
>
>
Sent via Deja.com http://www.deja.com/
Before you buy.
Received on Fri Sep 08 2000 - 18:55:13 CEST