Message-Id: <22528.293379@fatcity.com> From: "Jamadagni, Rajendra" Date: Tue, 10 Sep 2002 15:50:15 -0400 Subject: RE: methodology to keep only certain programs to connect to This message is in MIME format. Since your mail reader does not understand this format, some or all of this message may not be legible. ------=_NextPartTM-000-8becd5e7-c4f3-11d6-a0dc-00508bbd2e09 Content-Type: multipart/alternative; boundary="----_=_NextPart_001_01C25903.4840DEA0" ------_=_NextPart_001_01C25903.4840DEA0 Content-Type: text/plain; charset="iso-8859-1" Revoke all roles from all apps. You will have to change some code in authorized apps to enable roles after they log in to allow them to access the database. All stray applications won't do this, so even if they log in they won't be able to access anything. BTW SQLPLUS and TOAD use dbms_application_info to set the module column in v$session. This you can capture in db-logon trigger and kill them. At that stage, it is way too early to change the module information. Raj ______________________________________________________ Rajendra Jamadagni MIS, ESPN Inc. Rajendra dot Jamadagni at ESPN dot com Any opinion expressed here is personal and doesn't reflect that of ESPN Inc. QOTD: Any clod can have facts, but having an opinion is an art! -----Original Message----- From: Jared.Still@radisys.com [mailto:Jared.Still@radisys.com] Sent: Tuesday, September 10, 2002 4:03 PM To: Multiple recipients of list ORACLE-L Subject: RE: methodology to keep only certain programs to connect to You can't. This is one of the reasons I haven't tried to use this. Jared ------_=_NextPart_001_01C25903.4840DEA0 Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable RE: methodology to keep only certain programs to connect = to

Revoke all roles from all apps. You will have to = change some code in authorized apps to enable roles after they log in = to allow them to access the database. All stray applications won't do = this, so even if they log in they won't be able to access = anything.

BTW SQLPLUS and TOAD use dbms_application_info to set = the module column in v$session. This you can capture in db-logon = trigger and kill them. At that stage, it is way too early to change the = module information.

Raj
______________________________________________________
Rajendra Jamadagni      =         MIS, ESPN Inc.
Rajendra dot Jamadagni at ESPN dot com
Any opinion expressed here is personal and doesn't = reflect that of ESPN Inc.
QOTD: Any clod can have facts, but having an opinion = is an art!


-----Original Message-----
From: Jared.Still@radisys.com [mailto:Jared.Still@radisys.com]
Sent: Tuesday, September 10, 2002 4:03 PM
To: Multiple recipients of list ORACLE-L
Subject: RE: methodology to keep only certain = programs to connect to


You can't.

This is one of the reasons I haven't tried to use = this.

Jared

------_=_NextPart_001_01C25903.4840DEA0-- ------=_NextPartTM-000-8becd5e7-c4f3-11d6-a0dc-00508bbd2e09 Content-Type: text/plain; name="ESPN_Disclaimer.txt" Content-Transfer-Encoding: 7bit Content-Disposition: attachment; filename="ESPN_Disclaimer.txt" ********************************************************************This e-mail message is confidential, intended only for the named recipient(s) above and may contain information that is privileged, attorney work product or exempt from disclosure under applicable law. If you have received this message in error, or are not the named recipient(s), please immediately notify corporate MIS at (860) 766-2000 and delete this e-mail message from your computer, Thank you.*********************************************************************2