Re: Read Only User
- From: Pete Finnigan <oracle_list@xxxxxxxxxxxxxxxxxxxxxxxxx>
- To: oracle-l@xxxxxxxxxxxxx
- Date: Fri, 17 Dec 2004 08:37:12 +0000
In article <20041216220133.68782.qmail@xxxxxxxxxxxxxxxxxxxxxxx>,
Charlotte Hammond <charlottejanehammond@xxxxxxxxx> writes
>Hi Pete,
>
>Thanks for your links - some useful material here. I like your comment: "The
>whole process requires planning and forethought not quick fixes". This is
>exactly not what I've got here! Management tell me "I just need to tick a box
>to make my Excel spreadsheet read-only" and wonder why I can't just do the
>same
>for the database.
Hi Charlotte,
Glad you found them useful. I think you have found the universal problem
in security, the fact that management do not appreciate how easy or hard
some things are to achieve in an Oracle environment..:-)
I am not sure if I have said this before in writing, I think I have, I
think Oracle should look seriously at letting customers easily specify a
read only user without resorting to wrapper code or any other non
trivial hacks. I can appreciate that this may not be easy to do but it
sure would be a useful feature. I don't mean just SELECT ANY TABLE but
being able to access the data through the same developed interfaces that
already have been coded.
kind regards
Pete
--
Pete Finnigan (email:pete@xxxxxxxxxxxxxxxx)
Web site: http://www.petefinnigan.com - Oracle security audit specialists
Oracle security blog: http://www.petefinnigan.com/weblog/entries/index.html
Book:Oracle security step-by-step Guide - see http://store.sans.org for details.
--
//www.freelists.org/webpage/oracle-l
Other related posts:
