Another Roles/Security Issue

From: Jennifer R. Amon <bamon_at_ocvaxc.cc.oberlin.edu>
Date: Wed, 09 Feb 1994 10:11:47 -0500
Message-ID: <bamon-090294101147_at_amon.cc.oberlin.edu>

We want to initially grant minimal select privileges to our users and then use an additional password-protected role that will be enabled by our software, granting all of the update/delete/insert privileges to the user only when the user is accessing the database through our software (forms, programs, reports, whatever).

We don't, however, want to hardcode the password into our applications.

We thought we'd create a database procedure to enable/disable this highly privileged role, but procedures cannot be used to enable/disable roles.

DBMS_SESSION.SET_ROLE can be used from PL/SQL to do what we want, but that PL/SQL cannot be used in a database procedure or trigger.

Suggestions?

Jennifer R. Amon            PHONE: (216) 775-6987
Houck Computing Center        FAX: (216) 775-8573
Oberlin College
Oberlin, OH 44074        INTERNET: bamon_at_ocvaxc.cc.oberlin.edu


_____________________________________________________________________

Received on Wed Feb 09 1994 - 16:11:47 CET

This message: [ Message body ]
Next message: Steve Corbett: "commit every x rows (V6)"
Previous message: Warren Van Wyck: "Re: Restricting the ps command"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ]

Original text of this message