ODBC Bypassing Oracle's Security :-(

From: Brian Graham <grahamb_at_qouest.net>
Date: 1998/03/17
Message-ID: <350EA54B.594_at_qouest.net>#1/1

[Quoted] [Quoted] I've set up an Oracle account where I've granted select priviledges [Quoted] only on the desired tables. I've then set up synonyms to the tables.

[Quoted] When I used ODBC32 and MsAccess '95, I find that I can update the owner's tables directly, and via the synonyms I created. Again, the key word is UPDATE. I wanted read-only access.

I've already tried adding a entries into PRODUCT_USER_PROFILE disabling updates and ODBC but that didn't resolve the issue. We are using Oracle7 32 bit ODBC driver (production) 2.5.3.1.0B .

Any suggestions? I don't intend to turn an inexperienced user loose under these conditions. The intent here is to have LINKS to the tables, so the user gets updated information. For now I guess I have to go with snapshots of the database..

-- 
Brian Graham (grahamb_at_qouest.net)

Received on Tue Mar 17 1998 - 00:00:00 CET

This message: [ Message body ]
Next message: Thomas Kyte: "Re: ODBC Bypassing Oracle's Security :-("
Previous message: Joe Strano: "Re: Forms 5.0 blocks"
Next in thread: Thomas Kyte: "Re: ODBC Bypassing Oracle's Security :-("
Reply: Thomas Kyte: "Re: ODBC Bypassing Oracle's Security :-("
Reply: Piotr Kolodziej: "Re: ODBC Bypassing Oracle's Security :-("
Reply: H. John C. Hopkins: "Re: ODBC Bypassing Oracle's Security :-("
Reply: Brian Graham: "Re: ODBC Bypassing Oracle's Security :-("

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ]

Original text of this message