RE: PUBLIC grants
- From: "Verma, Amit" <AVerma@xxxxxxx>
- To: "Dennis Williams" <oracledba.williams@xxxxxxxxx>, <ric.van.dyke@xxxxxxxxxx>
- Date: Fri, 2 Jun 2006 15:32:34 -0500
Creating roles and granting privs via role wouldn't work 'cz we have
stored procedures that need privileges granted directly. Creating views
wouldn't work 'cz even if I don't revoke the privileges they would still
be able to view the data.
I am sorry, my point wasn't clear enough. I wanted to be able to
restrict the users WITHOUT revoking privs from public. I guess there is
no way out.
Thanks all.
-Amit.
________________________________
From: Dennis Williams [mailto:oracledba.williams@xxxxxxxxx]
Sent: Thursday, June 01, 2006 6:34 PM
To: ric.van.dyke@xxxxxxxxxx
Cc: Verma, Amit; Oracle-L Freelists
Subject: Re: PUBLIC grants
Amit,
Oh, just what is it you DON'T want the auditors to see???? Usually
auditing operates on the principle that nothing is hidden from the
auditors. I was just reading about the auditors that audit the CIA.
Are these tables where it is technically possible to revoke PUBLIC?
Okay, you could:
1. Create a new role.
2. Grant the tables in question to that role.
3. Grant that role to everybody except the auditors.
4. Revoke PUBLIC from those tables.
Dennis Williams
Other related posts:
