How do I hide/lock a few tables in Oracle so that only my application has access to modify those data in the table?
+1
A:
Create a user/login to the DB that you can control. Assign that user as the owner (using grants) of the tables you need to "hide/lock". Use grants to make the tables inaccessible ( or read only) to other users.
lexu
2008-12-05 06:16:38
A:
After creating the user, make sure you remove the grants for other users. By default, default users have the grant. So make sure only your user has all the the grants
Samiksha
2008-12-05 07:08:26
"By default, default users have the grant" ... makes no sense to me. When you create a table no other users have privileges on it unless they have a ANY TABLES role.
David Aldridge
2008-12-05 12:46:35
+1
A:
All you need to do it create a new user and create the tables under that user's schema. No other users, other than highly privileged ones with SELECT/INSERT/etc ALL TABLES privileges will be able to access them unless you grant a privilege to them or to a role that is granted to them.
If you want the ultimate security model, which you probably don't, create the table under one schema (say APP_DATA), and create stored procedure under another (APP_CODE). Grant only the required privileges on APP_DATA objects to the APP_CODE schema, and grant only the required privileges on the APP_CODE schema to other users.
David Aldridge
2008-12-05 12:52:32
Great answer. I agree that you probably don't need the code/data schema separation, but the model of only giving users package (procedure) execute privileges is good for more reasons than just security even if the data and code is in the same schema.
Leigh Riffel
2008-12-08 14:56:24