| Restrict DML on table [message #517484] |
Tue, 26 July 2011 05:19  |
mamalik
Messages: 268
Registered: November 2008
Location: Pakistan
|
Senior Member |
|
|
Dear All,
I have a table which contains secret data, i want that nobody can query,insert,update or delete that table, we can do by creating a table and giving rights to specific person but problem is that our programmers can query that table while working on that database.
Is there any other event or trigger which check that if person is performing DML on secret table then an error may generate.
Best Regards,
Asif.
|
|
|
|
|
|
|
|
| Re: Restrict DML on table [message #517492 is a reply to message #517489] |
Tue, 26 July 2011 05:28  |
 |
Michel Cadot
Messages: 68716
Registered: March 2007
Location: Saint-Maur, France, https...
|
Senior Member
Account Moderator |
|
|
You miss my first point: drop the table, it is useless.
Quote: If programmers have then how can we restric them?
First fix your organization problem.
Trying to fix an organization problem with a technical workaround is a VERY bad idea and WRONG to do.
Any workaround can be workaround.
Remove their privileges on the table. But you will tell us they have DBA rights.
Regards
Michel
[Updated on: Tue, 26 July 2011 05:30] Report message to a moderator |
|
|
|
|
|
|
|
|
|
| Re: Restrict DML on table [message #517499 is a reply to message #517493] |
Tue, 26 July 2011 05:43 |
John Watson
Messages: 8960
Registered: January 2010
Location: Global Village
|
Senior Member |
|
|
Quote:Is there any other event or trigger which check that if person is performing DML on secret table then an error may generate. I would think that you can do something like this with fine grained auditing, if you have an Enterprise Edition licence. And if you can't fix the the problem (as Michel suggests.)
|
|
|
|
|
|
| Re: Restrict DML on table [message #517515 is a reply to message #517506] |
Tue, 26 July 2011 07:12 |
|
Michel Cadot
Messages: 68716
Registered: March 2007
Location: Saint-Maur, France, https...
|
Senior Member
Account Moderator |
|
|
Do NOT post in UPPER case.
Table level triggers does not forbid SELECT statement (for this you have FGA as John said).
And do NOT create it in SYS schema. SYS is ONLY for Oracle (but in some very special cases).
Regards
Michel
[Updated on: Tue, 26 July 2011 07:12] Report message to a moderator |
|
|
|
| Re: Restrict DML on table [message #517706 is a reply to message #517515] |
Wed, 27 July 2011 07:10 |
Roachcoach
Messages: 1576
Registered: May 2010
Location: UK
|
Senior Member |
|
|
Despite the fact it is an insane problem to have and it should be fixed at source, rather than any other way.....it sounds like virtual private database might be useful - if you have it available.
Much easier just to sort out developer privs though 
|
|
|
|
] 
Blog
Search
Help
Members
Register
Login
Home
