Re: Role question???

Subject: Re: Role question???
From: Contractor - Yuktton, jychan_at_corp.hp.com Date: 23 May 1995 20:49:19 GMT
In article <3pthof$ohk_at_hpcc48.corp.hp.com> Contractor - Yuktton, jychan_at_corp.hp.com writes:
>Tung Nguyen (tung_at_system9.unisys.com) wrote:
>: Hi all,
 

>: Is there a way to define a role so that it has select/read privileges
 on
>: all of the tables in a schema?
 

>: What I have been doing is each time a new table is created in the
 schema
>: I have to manually grant select privilege on that table to the role.
 

>: Thanks in advance.
 

>: Tung Nguyen (tung_at_system9.unisys.com)
 

>:

Granting SELECT ANY TABLE is pretty drastic. If you are operating in an environment where there is only 1 application in the database, I suppose that you could make an argument for it. If you are running multiple applications, I would consider it to be unacceptable, because it gives the user access to all the data in all the applications.

I would say that you should only grant SELECT ANY TABLE privilege to the user/role responsible for maintain the database.

I know of no way in ORACLE to do what you want to do. You could set up a nightly batch job that would do it. It could build the required GRANT statements, and then execute them.

Bob Swisshelm | swisshelm_at_Lilly.com | 317 276 5472 Eli Lilly and Company | Lilly Corporate Center | Indianapolis, IN 46285 Received on Wed May 24 1995 - 00:00:00 CEST