Hi there everyone,
This has probably been asked in the past, so please take it easy with me.
We are looking at using PC and Mac clients to access a number of Oracle V6/V7
databases on DEC Ultrix servers. Because the data is confidential (it has
payroll, student, exams and such), security must be tightly controlled.
I would like some information from anyone who is using client/server
architecture on how they dealt with security. One option given to me
was to allocate two usernames to each user - one to access the databases
directly, which has all required table grants; the other to be used for
access from a client, and has only SELECT access. The first username can
be OPS$, while the second is not, and apparently SQL*Net can be configured
to disallow OPS$ logins.
Does anyone have any comments on this sort of solution, and can you offer
any other ideas or possibilities.
Many thanks. Could you email me direct, I don't get to look at this group
very regularly. If any one else is interested, I'll post a summary of
the responses later.
Karen
Karen Payten
Database Administrator
Computing and Communications Services