Re: MS Access interface to Oracle 7

From: Jim Fondren <jim_at_cartotech.com>
Date: 1995/05/06
Message-ID: <3ogel1$9d5_at_nntp.crl.com>#1/1

ana_at_lamar.ColoState.EDU (Ana Silva) wrote:
>John Malathronas (John_at_scroll.demon.co.uk) wrote:
>
>: Indeed you can. This is a big problem, because once you
>: have installed ODBC and SQL*Net 2.0 - your users can go
>: directly to the tables and bypass any of your forms, be
>: they Visual Basic or ACCESS or Forms 4.5. Once you have
>: granted update/delete access to a table, thinking that
>: your user will always use a particular form, the user
>: can fire up Access and have access to the table records
>: RAW. It is terrible. It's as if you are giving all
>: your users SQLPLUS access to your database.
>
> We're thinking about taking care of this problem by using
> roles. To start, nobody has update/delete rights to anything.
> Whenever the form starts (startup trigger) it creates
> the roles granting permission to the specific users, allowing
> to change the table. When the user exits the form (post-form
> maybe) it "deletes" the role. We're still working on this,
> so I don't have all the details.

I would think that the technique of layering views on top of the raw tables would help. Never grant any access to the raw tables. Instead, create multiple views and restrict update access to only the particular views that really need it.

Hope this helps too :-)

Jim F Received on Sat May 06 1995 - 00:00:00 CEST

This message: [ Message body ]
Next message: Alex Long: "Re: How do we do an ascii dump of a table with a delimiter ?"
Previous message: John Moriarty: "Oracle 7 and double quotes"
Maybe in reply to: Martin Bradford: "Re: MS Access interface to Oracle 7"
Next in thread: Alex Long: "Re: How do we do an ascii dump of a table with a delimiter ?"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ]

Original text of this message