Hi,
I've written a package that may update the database. Another user
needs access (by SQL*Plus or Access) to some of its functions, but is
not allowed to update the database.
If I make GRANT EXECUTE to this user, he uses the rights of the owner
of the package and can update the DB. The best for me would be the
package to be executed only with the rights of the user who calls it.
It is Oracle 8.0, and it seems it does not have the same fine grain
management that 8i. Any idea to solve this problem (other than
compiling two versions of the package, make user-wrapper packages, or
test the user in the dangerous functions) is welcome!
Thanks in advance.
Received on Fri Sep 27 2002 - 09:52:25 CDT
