Re: SQL*Net security - I know, you've heard it before...

Steve Baker <steve_at_iinet.net.au> wrote:
>A friend of mine is concerned about people logging on to the database with
>MS-Access, or Excel, and potentially screwing up the database. They have a
>custom application written with Visual Basic. Is there any way to determine
>what tool is being used to connect to the database?
>
>I suspected no, but you never know, there could be something useful. Does
>anyone have any relevant tips? Thanks.
>
>Please e-mail replies.
>
>sb
>--
>Steve Baker | The surest sign of other intelligent life in the universe
>steve_at_iinet.net.au | is that none of it has tried to contact us -- Calvin
>----------------------------------------------------------------------------
> Your limitations are restricted by your goals, not the other way around.
>

My advice would be to use Oracle7 roles for your base security for the VB applications. By default make each DB user have little or no priviledge. You can then make calls to the RDBMS from the app to dynamically enable the correct priviledge(s). If you wish to discuss this further, to fill in the gaps, please email me direct.

Regards,

Tony

-- 
 ----------------------------------------------------------------------------
| Tony Poulson			        		poulson_at_ebrd.com     |
| Database Administrator				                     |
| European Bank for Reconstruction and Development                           |
 ============================================================================