RE: Global temporary table security

  • From: "Baumgartel, Paul" <paul.baumgartel@xxxxxxxxxxxxxxxxx>
  • To: "'sbootsma@xxxxxxxxxxxxxx'" <sbootsma@xxxxxxxxxxxxxx>, oracle-l@xxxxxxxxxxxxx
  • Date: Thu, 17 May 2007 16:55:00 -0400

Argh!  "Easier"?  Why not give everyone DBA privileges, then you never have to 
worry about grants!
 
Tell the other DBA that regardless of the fact that they're GTTs, privileges 
should be granted only as needed.  Period.
 

Paul Baumgartel 
CREDIT SUISSE 
Information Technology 
Securities Processing Databases Americas 
One Madison Avenue 
New York, NY 10010 
USA 
Phone 212.538.1143 
paul.baumgartel@xxxxxxxxxxxxxxxxx 
www.credit-suisse.com 

 

  _____  

From: oracle-l-bounce@xxxxxxxxxxxxx [mailto:oracle-l-bounce@xxxxxxxxxxxxx] On 
Behalf Of Sam Bootsma
Sent: Thursday, May 17, 2007 4:21 PM
To: oracle-l@xxxxxxxxxxxxx
Subject: Global temporary table security



Hello All,

 

Our Developers are creating Global Temporary tables then granting select, 
update, delete, and insert privileges to PUBLIC.  These global temporary tables 
will contain sensitive HR data.  I realize the data is only visible to the 
current session, but I still don't like having all privileges granted to 
PUBLIC.  Can anybody tell me if there is a credible security risk to granting 
these tables to PUBLIC?  For example, due to an Oracle bug or hacking?  Or are 
there other disadvantages to granting everything to PUBLIC?  Or is it standard 
practice to grant these tables to public?

 

I would like to grant access only to users that will need the table, but the 
other DBA prefers to grant PUBLIC, because it is easier.

 

Thanks for any comments!

 

 

Sam Bootsma

Oracle Database Administrator

Information Technology Services
George Brown College

Phone: 416-415-5000 x4933
Fax: 416-415-4836
E-mail: sbootsma@xxxxxxxxxxxxxx
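
One way to carry out the "granted only as needed" advice in this thread, as an added example that is not part of either post: list the global temporary tables that carry PUBLIC grants, then move one table's DML privileges to a role. The schema `HR_APP`, table `GTT_PAYROLL_STAGE`, role `HR_GTT_RW` and user `APP_USER` are hypothetical names, and the owner filter is an assumption to adjust for your database.

```sql
-- 1. Audit: which global temporary tables have object privileges granted to PUBLIC?
--    DBA_TABLES.TEMPORARY = 'Y' marks a GTT; DURATION shows whether rows last
--    for the transaction or the session.
SELECT p.owner,
       p.table_name,
       t.duration,
       p.privilege,
       p.grantor
FROM   dba_tab_privs p
JOIN   dba_tables    t
       ON  t.owner      = p.owner
       AND t.table_name = p.table_name
WHERE  p.grantee   = 'PUBLIC'
AND    t.temporary = 'Y'
AND    p.owner NOT IN ('SYS', 'SYSTEM')   -- assumption: skip Oracle-supplied owners
ORDER  BY p.owner, p.table_name, p.privilege;

-- 2. Remediate one table reported above (hypothetical names throughout).
--    Create a role that represents "may use the HR staging GTT".
CREATE ROLE hr_gtt_rw;

-- Grant the role first so sessions that hold it do not lose access in between.
GRANT SELECT, INSERT, UPDATE, DELETE
   ON hr_app.gtt_payroll_stage
   TO hr_gtt_rw;

-- Give the role only to the accounts that actually need the table.
GRANT hr_gtt_rw TO app_user;

-- Remove the blanket grant.
REVOKE SELECT, INSERT, UPDATE, DELETE
   ON hr_app.gtt_payroll_stage
   FROM PUBLIC;

-- 3. Verify: PUBLIC should no longer appear as a grantee for this table.
SELECT grantee, privilege
FROM   dba_tab_privs
WHERE  owner      = 'HR_APP'
AND    table_name = 'GTT_PAYROLL_STAGE'
ORDER  BY grantee, privilege;
```

Stored procedures that run with definer's rights do not see privileges received through a role, so any such code that touches the table needs a direct grant to its owning schema instead.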