Re: Where did the Permissions Come From?

I'll check that. However, the user is logging in as himself and simply logging in through an application shouldn't allow him to grant himself ( a non-dba) a role should it?

Van

Matthias Gresz wrote in message <36DE4DA1.1B9862FA_at_t-online.de>...
>
>
>Van Messner schrieb:
>>
>> A user on a company database, created before I arrived on the site,
>> asked me to check his permissions on a table today. Using the security
>> manager I could see he had no object or system permissions granted
>> explicitly or through a role that would allow him to do anything with the
>> table. However, he is able to insert, update and delete rows through a
>> PowerBuilder application.
>> At first I though he might be going in through PowerBuilder as some
user
>> with more permisssions. But I checked his PowerBuilder setup and he is
>> logging in as himself.
>> Then I thought the permissions might have been granted to "public".
The
>> security manager does not specifically show rights granted to public as
>> such.
>> So I went into SQL plus and issued every query I could think of
against
>> the "all" and "dba" views that have anything to do with roles, grants or
>> permisssions. Rights on the table in question do not show up as having
been
>> granted to public. I believe the querries work properly since I can see
>> rights on many other tables granted to public.
>> Do any of you have ideas on where to look further?
>>
>> Thanks,
>
>
>A database application can be designed to enable and disable selective
>roles automatically when a user attempts to use the application.
>
>May be the PowerBuilder app issues something like:
>
>SET ROLE gardener IDENTIFIED BY marigolds ;
>
>HTH
>Matthias
>--
>grema_at_t-online.de
>
>Protect privacy, boycott Intel: http://www.bigbrotherinside.org
>
Received on Thu Mar 04 1999 - 18:08:47 CST