Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Mailing Lists -> Oracle-L -> Re: Read Only User

Re: Read Only User

From: Charlotte Hammond <charlottejanehammond_at_yahoo.com>
Date: Thu, 16 Dec 2004 10:05:02 -0800 (PST)
Message-ID: <20041216180502.47039.qmail@web20707.mail.yahoo.com> 





Hi John,



Thanks for suggesting FGAC - that hadn't occurred to me, but I guess I could simply set up a policy function along the lines of 'sys_context('USERENV','SESSION_USER') != READONLYUSER' and add it for statement types insert, update and delete on all tables.  And then allow a free-for-all on executing the packages.



I guess this is similar in principle to Mark Bobak's suggestion - to allow the PL/SQL access but block any actual DML that is attempted, only using DBMS_RLS instead of triggers.  Stephane Faroult is trying to persuade me that the impact using triggers won't be that great - and I'll believe him! - but I'd be comfortable using DBMS_RLS as we had it on an other similar system and it didn't have any noticeable performance hit.



Thanks to everyone who responded,  all much appreciated!






On Thu, 16 Dec 2004 08:45 , John Shaw <John.Shaw_at_correctionscorp.com> sent:




The ever popular fine grain access 
 


[... details snipped ... ]


                




Do you Yahoo!?


 Yahoo! Mail - Find what you need with new enhanced search. Learn more.


--
http://www.freelists.org/webpage/oracle-l


Received on Thu Dec 16 2004 - 12:15:36 CST












Original text of this message













  HOME |
  ASK QUESTION |
  ADD INFO |
  SEARCH |
  E-MAIL US