RE: Global temporary table security
- From: "Richard J. Goulet" <rgoulet@xxxxxxxxxx>
- To: <sbootsma@xxxxxxxxxxxxxx>, <oracle-l@xxxxxxxxxxxxx>
- Date: Thu, 17 May 2007 16:45:47 -0400
Sam,
I agree with you for one extremely good reason. Sooner or later
someone is going to want to change those tables from global temps to
permanent. BTDT, it's only a matter of when, not if.
______________________________________________________________
Dick Goulet / Capgemini
North America P&C / East Business Unit
\Senior Oracle DBA / Outsourcing
Office: 508.572.1978 / Mobile: 508.742.5795 / www.capgemini.com
<http://www.capgemini.com/>
Fax: 508.229.2019 Email: richard.goulet@xxxxxxxxxxxxx
45 Bartlett St. / Marlborough, MA 01752
Together: the Collaborative Business Experience
______________________________________________________________
________________________________
From: oracle-l-bounce@xxxxxxxxxxxxx
[mailto:oracle-l-bounce@xxxxxxxxxxxxx] On Behalf Of Sam Bootsma
Sent: Thursday, May 17, 2007 4:21 PM
To: oracle-l@xxxxxxxxxxxxx
Subject: Global temporary table security
Hello All,
Our Developers are creating Global Temporary tables then granting
select, update, delete, and insert privileges to PUBLIC. These global
temporary tables will contain sensitive HR data. I realize the data is
only visible to the current session, but I still don't like having all
privileges granted to PUBLIC. Can anybody tell me if there is a
credible security risk to granting these tables to PUBLIC? For example,
due to an Oracle bug or hacking? Or are there other disadvantages to
granting everything to PUBLIC? Or is it standard practice to grant
these tables to public?
I would like to grant access only to users that will need the table, but
the other DBA prefers to grant PUBLIC, because it is easier.
Thanks for any comments!
Sam Bootsma
Oracle Database Administrator
Information Technology Services
George Brown College
Phone: 416-415-5000 x4933
Fax: 416-415-4836
E-mail: sbootsma@xxxxxxxxxxxxxx <mailto:sbootsma@xxxxxxxxxxxxxx>
Other related posts:
