Another Roles/Security Issue
From: Jennifer R. Amon <bamon_at_ocvaxc.cc.oberlin.edu>
Date: Wed, 09 Feb 1994 10:11:47 -0500
Message-ID: <bamon-090294101147_at_amon.cc.oberlin.edu>
Date: Wed, 09 Feb 1994 10:11:47 -0500
Message-ID: <bamon-090294101147_at_amon.cc.oberlin.edu>
We want to initially grant minimal select privileges to our users and then use an additional password-protected role that will be enabled by our software, granting all of the update/delete/insert privileges to the user only when the user is accessing the database through our software (forms, programs, reports, whatever).
We don't, however, want to hardcode the password into our applications.
We thought we'd create a database procedure to enable/disable this highly privileged role, but procedures cannot be used to enable/disable roles.
DBMS_SESSION.SET_ROLE can be used from PL/SQL to do what we want, but that PL/SQL cannot be used in a database procedure or trigger.
Suggestions?
Jennifer R. Amon PHONE: (216) 775-6987 Houck Computing Center FAX: (216) 775-8573 Oberlin College Oberlin, OH 44074 INTERNET: bamon_at_ocvaxc.cc.oberlin.eduReceived on Wed Feb 09 1994 - 16:11:47 CET
_____________________________________________________________________