Re: session control
Date: Sun, 22 Dec 2002 13:22:16 +0100
Message-ID: <v0bd5jt1rgkrad_at_corp.supernews.com>
[Quoted] "pradip_chanda" <member_at_dbforums.com> wrote in message
news:2310094.1040545277_at_dbforums.com...
>
> I have an application (IDS -Forms) ithrough which when a user logs in ,
> gets permission to insert/update tables. But this permission he does not
> have otherwise. This was done so that a user is not able to edit tables
> through any applicationsn (e.g. sqlplus) other than the forms.
>
> But if the user has already got a running session through the above
> mentioned application he can login & edit tables through 'sqlplus'. This
> I don't want. By database is Oracle 8i Enterprise Edition 8.1.7.
>
> Any idea!
>
> --
> Posted via http://dbforums.com
1 - use the product_profile feature, still present in sql*plus to disable it
completely
2 set the init.ora parameter resource_limit to true, so you can CREATE
PROFILE to limit the number of sessions per user and the number of logins
3 Make sure RI is enforced in the database instead of the application, so
people using sql*plus can't do any harm
4 deinstall sql*plus from all systems that don't need it.
5 get some treatment for your symptoms of paranoia. If your application is
secure and you only allow access to users with legitimate rights, and your
privileged accounts are secure, there is nothing to worry about.
-- Sybrand Bakker Senior Oracle DBA to reply remove '-verwijderdit' from my e-mail addressReceived on Sun Dec 22 2002 - 13:22:16 CET