Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Mailing Lists -> Oracle-L -> Global temporary table security

Global temporary table security

From: Sam Bootsma <sbootsma_at_georgebrown.ca>
Date: Thu, 17 May 2007 16:20:34 -0400
Message-ID: <CC7ECEDD58772D41A44D87EBED4A77A1022D65CC@TCCEML02.gbrownc.on.ca> 





Hello All,

 



Our Developers are creating Global Temporary tables then granting
select, update, delete, and insert privileges to PUBLIC.  These global
temporary tables will contain sensitive HR data.  I realize the data is
only visible to the current session, but I still don't like having all
privileges granted to PUBLIC.  Can anybody tell me if there is a
credible security risk to granting these tables to PUBLIC?  For example,
due to an Oracle bug or hacking?  Or are there other disadvantages to
granting everything to PUBLIC?  Or is it standard practice to grant
these tables to public?

 



I would like to grant access only to users that will need the table, but
the other DBA prefers to grant PUBLIC, because it is easier.

 



Thanks for any comments!

 

 



Sam Bootsma



Oracle Database Administrator



Information Technology Services


George Brown College



Phone: 416-415-5000 x4933


Fax: 416-415-4836


E-mail: sbootsma_at_georgebrown.ca <mailto:sbootsma_at_georgebrown.ca> 

 



--
http://www.freelists.org/webpage/oracle-l


Received on Thu May 17 2007 - 15:20:34 CDT












Original text of this message













  HOME |
  ASK QUESTION |
  ADD INFO |
  SEARCH |
  E-MAIL US