Re: Rights and Packages

Granting Execute on a package allows the user to execute that package..period. If the package updates the user will be able to update using the package. It does not give the user any direct authority on the database objects.
Actually this is a fantastic security mechanism if you write your own packages since you can control the updates to the tables.
In your case where the package is 3rd party I think you are out of luck.

In the Forms world, you could consider making the packages 'local' to the client where they would use user level security. Don't know if you have that option with Uniface...

• Mike

Rodger <rodger_at_infobahn.mb.ca> wrote in article <32E77E91.5F3D_at_infobahn.mb.ca>...
> We are using Uniface Six, (Windows) on an Oracle platform.
> Uniface Six makes extensive use of Oracle's
> packages when it creates the scripts to
> create the tables.
>
 <Snip>
> If we grant execute rights to the packages,
> Oracle seems to also grant all rights to the
> user that the package would have. So, if a
> package is supposed to update, the user
> suddently gets update rights. So, the package
> rights override any CRUD rights.
>
> Does anyone know of anyway to reverse this
> priority?
>
> That is, we could grant Select only
> to the user, and Execute to the package. However,
> the package would be disabled if the user did
> not have all the rights to do what the package
> is defined as doing. Or, the Package rights
> would be overridden by any of the other
> rights.
>
>
> Thanks in Advance,
>
> Rodger Lepinsky
> ADP Systems Partnership
> Winnipeg, Manitoba, Canada
>
> sysdev_at_adpsystems.mb.ca
> rodger_at_infobahn.mb.ca
>
Received on Fri Jan 24 1997 - 00:00:00 CET