Wich role is recommended for an ORACLE user used internally by an desktop or web application?
this application makes querys, updates and inserts over only one schema.
Exist a default o recommended role for this task?
+2
A:
Hi Salvador,
If this is an application schema (a schema used by an application to connect to the database), you should grant it the minimum sets of rights:
- create session privilege
- individual SELECT, INSERT, UPDATE and EXECUTE privileges on the DATA schemas' objects
This is the basic set of rights your application should need to run. In most case it will be sufficient.
This solution supposes that the application schema will not own any DATA object. This is the safest method as this will let you control what you allow your application to modify (since you can't prevent the owner of an object to modify it).
If the application schema owns data tables, you will also have to grant it quotas on tablespaces.
Vincent Malgrat
2010-03-04 15:30:59
Maybe DELETE too (though I see a lot of apps that never delete anything)
Gary
2010-03-04 22:15:29
+1 for granting the MINIMUM set of rights. No more.
Jeffrey Kemp
2010-03-05 01:36:32
A:
Your application should have its own user account with proper required rights, the least it needs to perform its tasks succesfully.
Will Marcouiller
2010-03-04 15:41:43