Re: Data auditing: triggers vs application code

  • From: david wendelken <davewendelken@xxxxxxxxxxxxx>
  • To: oracle-l <oracle-l@xxxxxxxxxxxxx>
  • Date: Wed, 21 Sep 2005 16:19:30 -0400 (GMT-04:00)

You can not guarantee that no one will disable the triggers.
But that's a moot point, because you also cannot guarantee that no one will 
disable the application audit code.
And, you also cannot guarantee that on one will try to modify the data via 
another application program, or just sql*plus.

In my experience, the likelihood of properly working triggers being disabled is 
much, much less than the likelihood of another program being used to alter the 

The overhead of firing a simple trigger will likely be far less than a round 
trip across the network.

If your application programmers are really worried that the triggers will be 
disabled on them, then have them code a check for the existence of the 
triggers. :)

If they are using stored procedures for their insert/update/deletes instead of 
sending the statements across the network, you can even avoid the round trip to 
find out by putting the check in the procedure.


Other related posts: