Re: Changing Oracle Database Password

From: Jurij Modic <jurij.modic_at_mf.sigov.mail.si>
Date: 1998/02/05
Message-ID: <34da479f.8714667_at_www.sigov.si>#1/1

On 05 Feb 98 21:18:45 +0100, "Lothar Armbruester" <lothar.armbruester_at_rheingau.netsurf.de> wrote:

>This works only if the users have the 'alter user' privilege, which they
>should not!

This is not true. User can change his own password even if he has not been given ALTER USER privilege (which indeed should not be given to ordinar user because with this privilege he/she could alter *ANY* user).

>I wouldprefer this:
>
>grant connect to <username> identified by <password>;

Be aware that CONNECT isn't a privilege (as it was in Oracle6), it's a role which by default have some privileges that you might not want all users to have (for example ALTER SESSION or CREATE DATABASE LINK).

>Lothar
>--
>Lothar Armbrüster | lothar.armbruester_at_rheingau.netsurf.de
>Schulstr. 12 | lothar.armbruester_at_t-online.de
>D-65375 Oestrich-Winkel |

Regards,

Jurij Modic                             Republic of Slovenia
jurij.modic_at_mf.sigov.mail.si		Ministry of Finance
============================================================

The above opinions are mine and do not represent any official standpoints of my employer Received on Thu Feb 05 1998 - 00:00:00 CET

This message: [ Message body ]
Next message: Adrian G. Klingel: "Re: Changing Oracle Database Password"
Previous message: dasidwel_at_us.spammenot.oracle.com: "Re: Changing Oracle Database Password"
Maybe in reply to: John hagen: "Changing Oracle Database Password"
In reply to Lothar Armbruester: "Re: Changing Oracle Database Password"
Next in thread: Adrian G. Klingel: "Re: Changing Oracle Database Password"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ]

Original text of this message