home *** CD-ROM | disk | FTP | other *** search
- Newsgroups: comp.databases.oracle
- From: frozzboz@zork.demon.co.uk (Keith Davidson)
- Path: sparky!uunet!pipex!demon!zork.demon.co.uk!frozzboz
- Subject: ** ORACLE Forms security **
- Distribution: world
- References: <1992Aug11.194948.18667@convex.com>
- Organization: zork
- Lines: 35
- Date: Wed, 12 Aug 1992 21:49:54 +0000
- Message-ID: <713665744snx@zork.demon.co.uk>
- Sender: usenet@gate.demon.co.uk
-
-
- In article <1992Aug11.194948.18667@convex.com> lee@convex.com writes:
-
- >
- >
- > I am trying to limit user access to my oracle database and am having
- > a problem figuring out how. Here is the scenerio:
- >
- > hundreds of users, each with their own userid and I only want them to be able
- > to select/query records from the tables.
- >
- > at the same time, I want them to have update,delete,insert,select,...
- > ability on the same tables as long as they're accessing the tables through
- > forms.
- >
- If I read you right...
-
- Assuming V6, try setting up, for each user, a product profile entry to
- disable insert/update/delete access via sqlplus. (re doc file in oracle
- directories). I do not know if renaming executable will circumnavigate this
- and the use of a PRO*Oracle or RPT will get round it, so you may have to
- utilise OS security also, to limit access to the executables
- ie make sqlplus executable only, so no copy allowed, inhibit rpt access to
- trusted background processes, and throw away the compiler!! (be really nasty
- and let them have the precompiler ;-)* )
-
- I believe, and so does my cat that this feature will be extended to other
- products (though coping with my_destructive_program.exe my be a problem)
-
- Maybe V7 copes better? Any comments gurus@oracle.com?
-
- --
- frozzboz@zork.demon.co.uk (Keith Davidson)
-
- Watch out The Borg are about
-
