What a user can browse is more a reflection on the privileges you've given the user than insight into a tool's capabilities. In the case you've described, any user that can logon as Scott will be able to browse the same objects. What the tool is doing for you is shining some light on the privileges the Scott account has been granted. I would think that in a development setting this would be a good thing as many of the system objects should be helpful in the building of your applications. In production the privileges should be limited to what is needed. On 6/12/07, Dennis Cutshall <DennisCutshall@xxxxxxxxxxxxxxxxxx> wrote:
Hi, We are looking at using Oracle's SQL Developer as a development tool. Does anyone have any experience with this product? If so, please pass on your findings. We are particularly concerned about security. We noticed that any user e.g. Scott, can look at many of the objects in SYS and SYSTEM. Is this a concern, or are those normally public? Dennis Dennis Cutshall Data Base Administrator University of North Dakota ITSS Phone: (701) 777-4109 Fax: (701)777-3978 E-Mail: DennisCutshall@xxxxxxxxxxxxxxxxxx
-- Rumpi Gravenstein