RE: select only user causing locks?

  • From: "Andre van Winssen" <awinssen@xxxxxxxxx>
  • To: <gogala@xxxxxxxxxxxxx>, <spatenau@xxxxxxxxx>
  • Date: Fri, 29 Apr 2005 23:09:31 +0200

I object to the term "end-lusers".
End users are innocent.=20

And SELECT FOR UPDATE should be a separate object privilege next to =
Oracle must redesign this in version 11h (hyperspace?)


-----Oorspronkelijk bericht-----
Van: oracle-l-bounce@xxxxxxxxxxxxx =
Namens Mladen Gogala
Verzonden: vrijdag 29 april 2005 22:17
Aan: spatenau@xxxxxxxxx
CC: Oracle-L
Onderwerp: Re: select only user causing locks?

On 04/29/2005 12:45:24 PM, jungwolf wrote:

> A little research with some test accounts shows that, indeed, an
> account with only select privs can issue a select for update to lock a
> row, or even a lock table x in exclusive mode.  Trying to update the
> locked row obviously results in "insufficient privileges", but until
> the read-only account ends the transaction other users are unable to
> modify the row.

Oh my gawd! This reinforces my beliefs that guns should be kept locked =
in a=3D
 safe place!
If you give a gun to a childish person, it will shoot itself in a foot, =
at =3D
best. This=3D20
is a typical case of shooting yourself in each foot, and twice, to make =
e that you=3D20
will be unable to walk!
First, you don't ever give end-lusers a tool that can issue ad-hoc =
 You make darned
certain that they don't have a password to connect to database even if =
 download such tool
themselves. If you catch them trying to use such a tool, make sure that =
y will never ever
forget the experience. You are still a wolf puppy, not a young wolf. =
l with weapons.
There is a manual for new DBA people on: PFY, you =
ld learn from=3D20
the master.

Mladen Gogala
Oracle DBA



Other related posts: