Re: Question RE:GRANTS

A function or procedure executes with the privileges of the owner of the procedure not with the privileges of the user executing the procedure. So if the tables and the function are under the same schema and the execute privilege has been given to a user, he can still execute the function regardless of the fact that he does not have any access to the table directly. Hope this helps,

Shelby

In article <3736a04d.180231936_at_news.pwgsc.gc.ca>,   NeedaHoliday wrote:
> I am responsible for implementing exception handling in a system. My
> problem is, I have been working with the Oracle administrator trying
> to create Oracle problems that can be trapped by the program logic.
> We thought this would be a simple task but we are having problems
> creating the test environment.
>
> Scenerio
>
> All access to the tables has been revoked and all synonms removed. If
> we enter the online system, the system cannot be used. If we enter
> SQLPLUS and query the tables, all access is revoked. So far so good.
> If I EXEC a procedure from the SQL command line, the routine goes
> ahead and performs the task. The tables are queried and updated. The
> administrator has revoke all access except the EXEC function. Not so
> good.
>
> Can anyone tell us, why the EXEC has access when we believe it should
> not.
>
> Thanks in advance.
>
> james.stewart_at_nospamPWGSC.GC.CA
>
> Please remove nospam to email.
>

-----------== Posted via Deja News, The Discussion Network ==---------- http://www.dejanews.com/ Search, Read, Discuss, or Start Your Own Received on Thu May 06 1999 - 11:40:37 CDT