Create another user with select privileges only on the objects in the app's schema.
Give that one to them and then change the password on the original app id so they
won't be able to use that one anymore.
Jon Walthour
>
> From: Larry Hahn <[EMAIL PROTECTED]>
> Date: 2001/08/21 Tue AM 11:21:04 EDT
> To: Multiple recipients of list ORACLE-L <[EMAIL PROTECTED]>
> Subject: User access within/outside of app
>
> List,
>
> We have purchased a system where users login through
> an ODBC connection using a generic Oracle userid. This
> userid has full rights to do insert, update, delete,
> select on any table in the schema. The app asks for
> another username and password which checks the
> application security table, which limits what areas of
> the apps they can access.
>
> Although this may work fine for the app, the users
> also have the ability to use Access and other ODBC
> compliant programs to look at the data. When doing so,
> they use the same ODBC DSN and, what do you know, they
> have capabilities beyond their wildest imagination.
>
> This is obviously not a situation I want to implement.
> I am looking for a way to allow a user into the app to
> do their normal work, but only allow read access for
> anything outside the app.
>
> Any suggestions or ideas would be more than welcome.
>
> Thanks,
>
> Larry Hahn
> Journal Sentinel, Inc.
>
> __________________________________________________
> Do You Yahoo!?
> Make international calls for as low as $.04/minute with Yahoo! Messenger
> http://phonecard.yahoo.com/
> --
> Please see the official ORACLE-L FAQ: http://www.orafaq.com
> --
> Author: Larry Hahn
> INET: [EMAIL PROTECTED]
>
> Fat City Network Services -- (858) 538-5051 FAX: (858) 538-5051
> San Diego, California -- Public Internet access / Mailing Lists
> --------------------------------------------------------------------
> To REMOVE yourself from this mailing list, send an E-Mail message
> to: [EMAIL PROTECTED] (note EXACT spelling of 'ListGuru') and in
> the message BODY, include a line containing: UNSUB ORACLE-L
> (or the name of mailing list you want to be removed from). You may
> also send the HELP command for other information (like subscribing).
>
--
Please see the official ORACLE-L FAQ: http://www.orafaq.com
--
Author: Jon Walthour
INET: [EMAIL PROTECTED]
Fat City Network Services -- (858) 538-5051 FAX: (858) 538-5051
San Diego, California -- Public Internet access / Mailing Lists
--------------------------------------------------------------------
To REMOVE yourself from this mailing list, send an E-Mail message
to: [EMAIL PROTECTED] (note EXACT spelling of 'ListGuru') and in
the message BODY, include a line containing: UNSUB ORACLE-L
(or the name of mailing list you want to be removed from). You may
also send the HELP command for other information (like subscribing).
