Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Usenet -> c.d.o.server -> Re: Using current_schema allows too much access

Re: Using current_schema allows too much access

From: Thomas Olszewicki <ThomasO_at_noSpm.cpas.com>
Date: Tue, 19 Jun 2001 02:33:42 GMT
Message-ID: <aSyX6.87295$W02.1438093@news1.rdc2.on.home.com> 






Steve,


Simplest solution is to grant all privs to a role protected by password and
activate this role within your app only.
If you keep password for this role known only to selected group of DBAs and
developers you may be safe.


HTH



Thomas



"Steve S" <stevens_at_coloradocustomware.com> wrote in message
news:bafba412.0106181126.1ddd6027_at_posting.google.com...


> I am trying to change our application from a application sercurity

> model, to indeividual database users using Oracle's security.  I can

> solve the problem of accessing the applications schema by using alter

> session set current_schema = xxx.  One side effect is users could

> potentially access the application schema using an ad-hoc tool with

> full rights to modify data.

>

> Does anyone have any ideas how to get around that?

Received on Mon Jun 18 2001 - 21:33:42 CDT












Original text of this message













  HOME |
  ASK QUESTION |
  ADD INFO |
  SEARCH |
  E-MAIL US