Re: Sql Developer

  • From: "Rumpi Gravenstein" <rgravens@xxxxxxxxx>
  • To: DennisCutshall@xxxxxxxxxxxxxxxxxx
  • Date: Tue, 12 Jun 2007 12:31:04 -0400

What a user can browse is more a reflection on the privileges you've given
the user than insight into a tool's capabilities.  In the case you've
described, any user that can logon as Scott will be able to browse the same
objects.  What the tool is doing for you is shining some light on the
privileges the Scott account has been granted.  I would think that in a
development setting this would be a good thing as many of the system objects
should be helpful in the building of your applications.  In production the
privileges should be limited to what is needed.

On 6/12/07, Dennis Cutshall <DennisCutshall@xxxxxxxxxxxxxxxxxx> wrote:

 Hi,

We are looking at using Oracle's SQL Developer as a development tool.
Does anyone have any experience with this product?  If so, please pass on
your findings.  We are particularly concerned about security.  We noticed
that any user e.g. Scott, can look at many of the objects in SYS and
SYSTEM.  Is this a concern, or are those normally public?

Dennis

Dennis Cutshall
Data Base Administrator
University of North Dakota ITSS
Phone: (701) 777-4109
Fax: (701)777-3978
E-Mail: DennisCutshall@xxxxxxxxxxxxxxxxxx




--
Rumpi Gravenstein

Other related posts: