RE: sys vs. "normal" User

Jorg,

It wouldn't be my choice to create custom procedures in the SYS-schema. Other 
than "it's just not done" I am unaware of "something bad" when doing so.

Instead I would create a new (third) schema. Grant it the create session and 
create procedure system privileges, and grant it the necessary object priviges 
on the SYS objects you mention.
Then you can create your procedure in this schema, and finally grant execute on 
your procedure to the application schema.

Toon


-----Original Message-----
From: oracle-l-bounce@xxxxxxxxxxxxx [mailto:oracle-l-bounce@xxxxxxxxxxxxx] On 
Behalf Of Jost," Jörg
Sent: dinsdag 4 september 2007 9:52
To: oracle-l@xxxxxxxxxxxxx
Subject: sys vs. "normal" User

Hello List,

as often, there is a discussion between our developers and me, the
dba ;-)

Our application connects to Oracle via SQLNet as a normal User. Every 
application client connects as the same user, so there are many 
connections with the same username in v$session.

At some important points this application locks rows with dbms_lock.

The lockname is the rowid of the row. Sometimes an evil user stays
forever at this row and other users are unable to change it.

This case in mind, i have written a small procedure, which get the
Primary Key of the locked rows and shows it via dbms_output.

Because of the Tables/Views i need to query, this procedure belongs to
SYS.

My question is, is there something bad to install procedures as sys and
grant the procedure to the application user? Is there a "Dogma" that
says, never create or install self written packages as sys?

Should i grant select on the underlying Tables/Views instead?

The Objects i query are:

dbms_lock_allocated
dba_locks
v$session

Also this objects, which are no problem because they exists also for the
normal user:

dba_cons_columns
dba_constraints
dba_objects

Thx in advance

Jörg

--
http://www.freelists.org/webpage/oracle-l



--
http://www.freelists.org/webpage/oracle-l

Other related posts: