** ORACLE Forms security **

In article <1992Aug11.194948.18667_at_convex.com> lee_at_convex.com writes:

>
>
> I am trying to limit user access to my oracle database and am having
> a problem figuring out how. Here is the scenerio:
>
> hundreds of users, each with their own userid and I only want them to be able
> to select/query records from the tables.
>
> at the same time, I want them to have update,delete,insert,select,...
> ability on the same tables as long as they're accessing the tables through
> forms.
>
If I read you right...

Assuming V6, try setting up, for each user, a product profile entry to disable insert/update/delete access via sqlplus. (re doc file in oracle directories). I do not know if renaming executable will circumnavigate this and the use of a PRO*Oracle or RPT will get round it, so you may have to utilise OS security also, to limit access to the executables ie make sqlplus executable only, so no copy allowed, inhibit rpt access to trusted background processes, and throw away the compiler!! (be really nasty and let them have the precompiler ;-)* )

I believe, and so does my cat that this feature will be extended to other products (though coping with my_destructive_program.exe my be a problem)

Maybe V7 copes better? Any comments gurus_at_oracle.com?

--
frozzboz_at_zork.demon.co.uk  (Keith Davidson)

Watch out The Borg are about