In article <20041216220133.68782.qmail@xxxxxxxxxxxxxxxxxxxxxxx>, Charlotte Hammond <charlottejanehammond@xxxxxxxxx> writes >Hi Pete, > >Thanks for your links - some useful material here. I like your comment: "The >whole process requires planning and forethought not quick fixes". This is >exactly not what I've got here! Management tell me "I just need to tick a box >to make my Excel spreadsheet read-only" and wonder why I can't just do the >same >for the database. Hi Charlotte, Glad you found them useful. I think you have found the universal problem in security, the fact that management do not appreciate how easy or hard some things are to achieve in an Oracle environment..:-) I am not sure if I have said this before in writing, I think I have, I think Oracle should look seriously at letting customers easily specify a read only user without resorting to wrapper code or any other non trivial hacks. I can appreciate that this may not be easy to do but it sure would be a useful feature. I don't mean just SELECT ANY TABLE but being able to access the data through the same developed interfaces that already have been coded. kind regards Pete -- Pete Finnigan (email:pete@xxxxxxxxxxxxxxxx) Web site: http://www.petefinnigan.com - Oracle security audit specialists Oracle security blog: http://www.petefinnigan.com/weblog/entries/index.html Book:Oracle security step-by-step Guide - see http://store.sans.org for details. -- //www.freelists.org/webpage/oracle-l