Title: Protecting schema changes
Super!
 
Is it okay to grant 'select any table' or should it be object specific? I'd think object specific would be more secure.
 
Thanks for your help and have a nice weekend too!
Val
-----Original Message-----
From: Mercadante, Thomas F [mailto:[EMAIL PROTECTED]]
Sent: Friday, January 10, 2003 3:19 PM
To: Multiple recipients of list ORACLE-L
Subject: RE: Protecting schema changes

Val,
 
1). Create a role.  Grant select, insert, update and delete of all the tables, views, sequences, procedures, packages and functions used by the application to this role.
2). Create public synonyms for the objects in the application synonym.
3). Create an "application" account that will be used by the application to connect to the database.
4). Grant the role to the application account.
5). Tell the applications group to change their JDBC procedure to connect to this new account.
6). Then change the password to the application schema account.  Tell them that changes to this account will now be controlled by you - the DBA.
 
Problem solved.  They can still play in their own account, but changes to the schema account are now controlled by you.
 
Once you move beyond the development environment, do not give them the ability to create anything in the database - only create query accounts for them to look at the data.
 
Hope this helps and have a nice weekend.
 

Tom Mercadante
Oracle Certified Professional

-----Original Message-----
From: Webber Valerie H [mailto:[EMAIL PROTECTED]]
Sent: Friday, January 10, 2003 2:50 PM
To: Multiple recipients of list ORACLE-L
Subject: Protecting schema changes

In an n-tier system that connects to the database with JDBC, how does a DBA keep developers from modifying the application schema without the DBA's consent or knowledge in a centralized development environment?

The developers can have their own personal database on their desktops to program/test with but we have a problem with them making changes to the main development database as the application schema owner. They know/have the application schema username/password since it is used to make the JDBC connections to the database from the app server.

Does anyone have links to defined change control processes that might help?

Thanks in advance!
Val

Valerie H. Webber
Management Systems Designers, Inc
Database Administrator
[EMAIL PROTECTED]
704-566-5321
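
The six steps from Tom Mercadante's reply, written out as an Oracle SQL*Plus script. This is an added example, not part of the original thread: APP_OWNER, APP_USER and APP_RW_ROLE are assumed names, and privileges are granted per object (with views limited to SELECT, as an assumption) rather than through the SELECT ANY TABLE system privilege.

```sql
-- Added example. Run as a DBA in SQL*Plus. APP_OWNER (schema owner), APP_USER
-- (login account) and APP_RW_ROLE (role) are hypothetical names.
ACCEPT app_user_pw  CHAR PROMPT 'Password for APP_USER: '      HIDE
ACCEPT app_owner_pw CHAR PROMPT 'New password for APP_OWNER: ' HIDE

-- Step 1: a role that will hold object-level privileges only.
CREATE ROLE app_rw_role;

-- Steps 1 and 2: grant per object and create a public synonym for each one.
BEGIN
  FOR o IN (SELECT object_name, object_type
              FROM dba_objects
             WHERE owner = 'APP_OWNER'
               AND object_name NOT LIKE 'BIN$%'   -- skip recycle-bin entries
               AND object_type IN ('TABLE', 'VIEW', 'SEQUENCE',
                                   'PROCEDURE', 'FUNCTION', 'PACKAGE'))
  LOOP
    EXECUTE IMMEDIATE 'GRANT ' ||
      CASE o.object_type
        WHEN 'TABLE'    THEN 'SELECT, INSERT, UPDATE, DELETE'
        WHEN 'VIEW'     THEN 'SELECT'   -- assumption: widen for updatable views
        WHEN 'SEQUENCE' THEN 'SELECT'   -- sequences accept SELECT, not DML
        ELSE 'EXECUTE'                  -- procedures, functions, packages
      END ||
      ' ON app_owner."' || o.object_name || '" TO app_rw_role';
    EXECUTE IMMEDIATE 'CREATE PUBLIC SYNONYM "' || o.object_name ||
                      '" FOR app_owner."' || o.object_name || '"';
  END LOOP;
END;
/

-- Step 3: the account the application connects as. It can log in, nothing more.
CREATE USER app_user IDENTIFIED BY "&app_user_pw";
GRANT CREATE SESSION TO app_user;

-- Step 4: the role is the account's only route to the application objects.
GRANT app_rw_role TO app_user;

-- Step 5 happens outside the database: point the JDBC connection at APP_USER.

-- Step 6: rotate the schema owner's password so only the DBA can change the schema.
ALTER USER app_owner IDENTIFIED BY "&app_owner_pw";

-- Check: the only system privilege returned should be CREATE SESSION for APP_USER.
SELECT grantee, privilege
  FROM dba_sys_privs
 WHERE grantee IN ('APP_USER', 'APP_RW_ROLE');
```

Objects created in APP_OWNER after the script runs are not covered, so the grant loop has to be rerun as part of each schema change.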

