Re: Oracle Security

From: David J. Gimpelevich <davidgi_at_rossinc.com>
Date: Thu, 25 Aug 1994 19:57:44 GMT
Message-ID: <1994Aug25.195744.3366_at_rossinc.com>

In <33anto$rv9_at_nova.sti.nasa.gov> khuguley_at_casi.sti.nasa.gov writes:

>In article <33agnaINNo3_at_blackhole.delmarva.com> carter_at_blackhole.delmarva.com (Bob Carter) writes:
>>have update access when using IS developed applications. We use SQL*Forms 3.0, SQL*Menu5.0, SQL*Reportwriter 1.0, Oracle forms 4.0 and Oracle Reports 2.0 for IS developed applications. End users use Q&E, SQL*Plus, Crystal Reports, etc for adhoc access to data. All of our databases are at 7.0.15 or above. Please email me directly. Thanks.
>>
>>
>I would be interested in this info also.

>Thanks
>K. Huguley
>NASA Center for AeroSpace Information

One way, (that was advocated a few years ago by Sybase consulting) is as follows:

Do not grant any but select priviliges to any users for any tables
Create stored procedures with update rights to the appropriate tables
Grant the users execute rights to the stored procedures

Hope this helps

-djg Received on Thu Aug 25 1994 - 21:57:44 CEST

This message: [ Message body ]
Next message: Kent Milligan: "Re: Benchmarks"
Previous message: Kim Ng: "SEATTLE:contract position-ORACLE,C,UNIX"
In reply to: khuguley_at_casi.sti.nasa.gov: "Re: Oracle Security"
In reply to khuguley_at_casi.sti.nasa.gov: "Re: Oracle Security"
Next in thread: Joel Garry: "Re: Is this stuff really SQL 92 compliant"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ]

Original text of this message