Madness?
Surely they've misunderstood something?
Sent from my Windows Phone
________________________________
From: Lange, Kevin G<mailto:kevin.lange@xxxxxxxxx>
Sent: 12/04/2016 16:45
To: mark.powell2@xxxxxxx<mailto:mark.powell2@xxxxxxx>;
Oracle-L@xxxxxxxxxxxxx<mailto:Oracle-L@xxxxxxxxxxxxx>
Subject: RE: AUTHID Change Script
Good idea or not, it's the message from on high that DEFINER is not allowed.
But, I do think it's a good idea for security. We have most security based on
roles so the user just needs the appropriate roles to be able to run the
procedures correctly. Yes, we will find issues that have to be corrected, but
, overall, we have been leaning towards this already so users should already
have the appropriate roles.
I was just trying to make the coding as painless as possible.
From: oracle-l-bounce@xxxxxxxxxxxxx [mailto:oracle-l-bounce@xxxxxxxxxxxxx] On ;
Behalf Of Powell, Mark
Sent: Monday, April 11, 2016 10:16 AM
To: Oracle-L@xxxxxxxxxxxxx
Subject: RE: AUTHID Change Script
Kevin, are you sure this is a good idea? We write pretty much all our stored
code to run as DEFINER because the owner's privileges are what are needed for
the code to work correctly. Unless the stored code was initially designed to
run as the current user changing the code may result in breaking it. Have all
the necessary privileges for the code to run as the current user been
identified and issued?
From: oracle-l-bounce@xxxxxxxxxxxxx<mailto:oracle-l-bounce@xxxxxxxxxxxxx>
[mailto:oracle-l-bounce@xxxxxxxxxxxxx] On Behalf Of Lange, Kevin G
Sent: Friday, April 08, 2016 6:23 PM
To: Oracle-L@xxxxxxxxxxxxx<mailto:Oracle-L@xxxxxxxxxxxxx>
Subject: AUTHID Change Script
Evening all;
I was wondering if anyone out here might already have a script to change the
authid from definer to current_user on all Procedures, Functions, types, and
packages that exist in a database with an AUTHID of definer?
We find that we have a number of these in multiple databases and instead of
opening them up by hand and editing every one of them, I was hoping for an
existing script/procedure that could to that for us.
Oracle Version: 10.2.0.4
Appreciate any help.
Kevin
This e-mail, including attachments, may include confidential and/or
proprietary information, and may be used only by the person or entity
to which it is addressed. If the reader of this e-mail is not the intended
recipient or his or her authorized agent, the reader is hereby notified
that any dissemination, distribution or copying of this e-mail is
prohibited. If you have received this e-mail in error, please notify the
sender by replying to this message and delete this e-mail immediately.
This e-mail, including attachments, may include confidential and/or
proprietary information, and may be used only by the person or entity
to which it is addressed. If the reader of this e-mail is not the intended
recipient or his or her authorized agent, the reader is hereby notified
that any dissemination, distribution or copying of this e-mail is
prohibited. If you have received this e-mail in error, please notify the
sender by replying to this message and delete this e-mail immediately.