RE: select only user causing locks?

I object to the term "end-lusers".
End users are innocent.=20

And SELECT FOR UPDATE should be a separate object privilege next to = SELECT.
Oracle must redesign this in version 11h (hyperspace?)

Regards,
Andre

-----Oorspronkelijk bericht-----
Van: oracle-l-bounce_at_freelists.org =
[mailto:oracle-l-bounce_at_freelists.org]
Namens Mladen Gogala
Verzonden: vrijdag 29 april 2005 22:17
Aan: spatenau_at_gmail.com
CC: Oracle-L
Onderwerp: Re: select only user causing locks?

On 04/29/2005 12:45:24 PM, jungwolf wrote:

> A little research with some test accounts shows that, indeed, an
> account with only select privs can issue a select for update to lock a
> row, or even a lock table x in exclusive mode. Trying to update the
> locked row obviously results in "insufficient privileges", but until
> the read-only account ends the transaction other users are unable to
> modify the row.

Oh my gawd! This reinforces my beliefs that guns should be kept locked = in a=3D
 safe place!
If you give a gun to a childish person, it will shoot itself in a foot, = at =3D
best. This=3D20
is a typical case of shooting yourself in each foot, and twice, to make = sur=3D
e that you=3D20
will be unable to walk!
First, you don't ever give end-lusers a tool that can issue ad-hoc = queries.=3D
 You make darned
certain that they don't have a password to connect to database even if = they=3D
 download such tool
themselves. If you catch them trying to use such a tool, make sure that = the=3D
y will never ever
forget the experience. You are still a wolf puppy, not a young wolf. = Carefu=3D
l with weapons.
There is a manual for new DBA people on: http://www.bofh.net. PFY, you = shou=3D
ld learn from=3D20
the master.

--=3D20
Mladen Gogala
Oracle DBA

--
http://www.freelists.org/webpage/oracle-l

--
http://www.freelists.org/webpage/oracle-l