what you can do is:
- create a user A with minimal privileges (connect)
- if user A connects to SQL*PLUS he cannot do anything (no privileges)
- in your app., when user A logs on, programmatically reconnect as another
user B with more appropriate privileges. Make it so that it is impossible
to know B from A
Wolfgang.Rothmayer_at_bmw.de wrote in article <35bc7609.14804447_at_news.muc>...
> Hi there,
>
> we are seeking for a security mechanism to hinder the use of sqlplus
> for a group of users. No user of this group should be able to execute
> a SQL command if logged in into a database.
>
> On the other hand, we have a NT app where this user group gets logged
> in into this database. Login is done via a group user as the
> administration effort to handle each user differently is to high.
>
> Our aim is to minimize the adminstrative effort to change the password
> for the "group user".
>
> Any input is greatly appreciated.
>
> Wolfgang.
>
Received on Tue Jul 28 1998 - 08:44:07 CDT
