Oracle FAQ | Your Portal to the Oracle Knowledge Grid |
![]() |
![]() |
Home -> Community -> Usenet -> c.d.o.server -> Re: Preventing SQLPLUS access?
Jurij Modic wrote:
> On Fri, 6 Jun 1997 18:23:56 GMT, skubiszewski_at_Eisner.DECUS.Org wrote:
>
> >We have a large user base using a custom-written client-server
application
> >with Oracle as the database. Our developers are worried that crafty
users
> >will discover that they can use their application signon to come in
via
> >SQLPLUS. We don't want anyone manipulating the database from outside
> >the custom application.
> >
> >Is there an easy way to prevent this from happening?
One other way of doing this (even though I don't see why you would want to do it this way - one probable way is that anyone can download an ODBC driver and use on some other query tool, which could allow upgrades, as Microsoft Query) is to grant all privileges on the tables you need to a role, not to the user, and then grant that role to the user, NOT as the default role.
The following step would be to hard-code into your application something like the set_role PL/SQL command that activates that role. As far as you don't give the role name away, this approach pretty much shuts the common user out of tables he would otherwise be able to update through standard SQL.
If that sounds foggy, just drop me a mail and I can explain it in more detail (it can take some time - I don't check my e-mail that usually. Sorry, I'm a consultant and I travel a lot).
Roberto Bruno. Received on Thu Jun 19 1997 - 00:00:00 CDT
![]() |
![]() |