Re: Read Only User

  • From: Jared Still <jkstill@xxxxxxxxx>
  • To: charlottejanehammond@xxxxxxxxx
  • Date: Thu, 16 Dec 2004 19:15:21 +0000

This is something that should be handled by the application software.

If this database is ever audited, it will fail the audit by doing this.

The only read only accounts that are acceptable are generally
for DBA's and app administrators, and for developers that need
to see production data from outside the applicatoin.


On Thu, 16 Dec 2004 06:51:25 -0800 (PST), Charlotte Hammond
<charlottejanehammond@xxxxxxxxx> wrote:
> Hi all,
> I've been asked to shoehorn a user with "read only" access into a database 
> which wasn't designed to accommodate that.
> Creating a role with select only on tables and views was easy but I'm 
> struggling with how to handle packaged functions (which allow indirect access 
> to view data).  I can't grant execute on the whole package, as it also 
> contains procedures that allow data changes.
> I could create wrapper packages with only the functions exposed, but that 
> looks like a great big maintenance swamp as this isn't a very stable app and 
> the developers keep on changing the package interfaces.
> Any easier ideas? (9.2 btw)
> Thanks
> - Charlotte
> ---------------------------------
> Do you Yahoo!?
>  Jazz up your holiday email with celebrity designs. Learn more.
> --

Jared Still
Certifiable Oracle DBA and Part Time Perl Evangelist

Other related posts: