Re: Read Only User

• From: Charlotte Hammond <charlottejanehammond@xxxxxxxxx>
• To: Jared Still <jkstill@xxxxxxxxx>
• Date: Thu, 16 Dec 2004 14:05:46 -0800 (PST)

Hi Jared,
 
Maybe I should have clarified is that the read-only user *is* precisely to 
allow developers access to peek at the production system as you suggested.  
They'll be using sqlplus (or TOAD etc) so there is no other application 
software confusing the picture.
 
But I'm interested in why you say that the database will fail an audit for 
having read only restrictions built into an account.  Surely if (IF!) it works, 
it's irrelevant if it's in the database or a higher level app?
 
Thanks
- Charlotte
Jared Still <jkstill@xxxxxxxxx> wrote:
This is something that should be handled by the application software.

If this database is ever audited, it will fail the audit by doing this.

The only read only accounts that are acceptable are generally
for DBA's and app administrators, and for developers that need
to see production data from outside the applicatoin.

Jared



On Thu, 16 Dec 2004 06:51:25 -0800 (PST), Charlotte Hammond
wrote:
> Hi all,
> 
> I've been asked to shoehorn a user with "read only" access into a database 
> which wasn't designed to accommodate that.
> 
> Creating a role with select only on tables and views was easy but I'm 
> struggling with how to handle packaged functions (which allow indirect access 
> to view data). I can't grant execute on the whole package, as it also 
> contains procedures that allow data changes.
> 
> I could create wrapper packages with only the functions exposed, but that 
> looks like a great big maintenance swamp as this isn't a very stable app and 
> the developers keep on changing the package interfaces.
> 
> Any easier ideas? (9.2 btw)
> 
> Thanks
> - Charlotte
> 
> ---------------------------------
> Do you Yahoo!?
> Jazz up your holiday email with celebrity designs. Learn more.
> 
> --
> //www.freelists.org/webpage/oracle-l
> 


-- 
Jared Still
Certifiable Oracle DBA and Part Time Perl Evangelist

                
---------------------------------
Do you Yahoo!?
 Jazz up your holiday email with celebrity designs. Learn more.

--
//www.freelists.org/webpage/oracle-l

• References:
  • Re: Read Only User
    • From: Jared Still

Other related posts:

• » Read Only User
• » RE: Read Only User
• » RE: Read Only User
• » Re: Read Only User
• » RE: Read Only User
• » RE: Read Only User
• » RE: Read Only User
• » Re: Read Only User
• » RE: Read Only User
• » Re: Read Only User
• » Re: Read Only User
• » Re: Read Only User
• » RE: Read Only User
• » RE: Read Only User
• » RE: Read Only User
• » RE: Read Only User
• » RE: Read Only User
• » RE: Read Only User
• » RE: Read Only User
• » RE: Read Only User
• » Re: Read Only User
• » Re: Read Only User
• » RE: Read Only User
• » Re: Read Only User
• » RE: Read Only User
• » RE: Read Only User
• » Re: Read Only User
• » Re: Read Only User

1. Home
2. oracle-l
3. Archive
4. 12-2004

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---