Re: Oracle data security question

From: Joe Nardone <joe_at_access2.digex.net>
Date: 1995/08/11
Message-ID: <40gnst$96n_at_news4.digex.net>#1/1

John Jones (john_at_iluvatar.tip.duke.edu) wrote:
: What we are doing is with users and roles, but we only give them the
: select on the tables ( which they will have to have ), then the insert,
: updates and deletes are handled through stored procedures and only the
: users that need them are granted the role to execute them. Let me know
: if you need more info.

They don't have to have select on tables, either. All table access could be set up through roles.

There could be one security table which is readable by default, and the application would (depending on the security level in the table) set the appropriate role and open access to the table. If the role is password-protected no user could connect through SqlPlus (or whatever) and see the data.

Joe

: --------------------------------------------------------------------
: John Jones | my views are my own.........
: Oracle Consultant | no matter what company they are
: john_at_iluvatar.tip.duke.edu | coming from.
: --------------------------------------------------------------------

--
                                   
=------------------------------------------------------------------------=
Joe Nardone               |    
joe_at_access.digex.net      |

Received on Fri Aug 11 1995 - 00:00:00 CEST

This message: [ Message body ]
Next message: Jim Winterroth: "Re: Oracle data security question"
Maybe in reply to: Greg White: "Oracle data security question"
In reply to John Jones: "Re: Oracle data security question"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ]

Original text of this message