RE: Select any dictionary role
- From: "Reidy, Ron" <Ron.Reidy@xxxxxxxxxxxxxxxxxx>
- To: <fred_fred_1@xxxxxxxxxxx>, <oracle-l@xxxxxxxxxxxxx>
- Date: Mon, 17 Oct 2005 13:33:24 -0600
Well, there is no way around this if they need to use OEM. I would try
to discourage this usage. If not, only give them SELECT ANY DICTIONARY
and select_catalog_role, not oem_manager - this will give them read-only
access. There is also the issue of access to the password hash in
DBA_USERS, but that is an altogether different topic that is sure to
start a wild fire.
--
Ron Reidy
Lead DBA
Array BioPharma, Inc.
-----Original Message-----
From: oracle-l-bounce@xxxxxxxxxxxxx
[mailto:oracle-l-bounce@xxxxxxxxxxxxx] On Behalf Of Fred Smith
Sent: Monday, October 17, 2005 12:59 PM
To: oracle-l@xxxxxxxxxxxxx
Subject: Select any dictionary role
Hello all,
Just wanted to get your thoughts ... is there any "danger" to
granting
developers the SELECT ANY DICTIONARY role in the database? (IMHO, they
don't
particulary need such "open" access, however tools such as OEM require
it
for login apparently).
Thanks for the multiple $0.02!
-Fred S.
_________________________________________________________________
Express yourself instantly with MSN Messenger! Download today - it's
FREE!
http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/
--
//www.freelists.org/webpage/oracle-l
This electronic message transmission is a PRIVATE communication which contains
information which may be confidential or privileged. The information is
intended
to be for the use of the individual or entity named above. If you are not the
intended recipient, please be aware that any disclosure, copying, distribution
or use of the contents of this information is prohibited. Please notify the
sender of the delivery error by replying to this message, or notify us by
telephone (877-633-2436, ext. 0), and then delete it from your system.
--
//www.freelists.org/webpage/oracle-l
Other related posts:
