user priviledge

**Fiona** · 05-31-2002, 08:58 AM

Hi. I've just revoked all privilege of a user and granted Select All Tables only and nothing else, assuming this will make the user read-only.

Yet I have managed to insert a row into a table so what I did was obviously incorrect.

Is there an easy way to make a user read-only?

Cheers

Fiona

**Sureshy** · 05-31-2002, 09:21 AM

select any table and create session are all that are needed for a read only user.

query

dba_tab_privs
dba_sys_privs

for individual privs granted to a user.

query

dba_role_privs - for roles granted to user.
role_sys_privs - sys privs granted to a role
role_tab_privs - tab privs granted to a role
role_role_privs - roles granted to other roles.

This should help you figure out what role/privs a user has.
revoke those he/she doesn't need.

[Edited by Sureshy on 05-31-2002 at 09:30 AM]

**jmodic** · 05-31-2002, 09:33 AM

If that user owns the tables you can't prevent him from inserting records into *his own* tables, even if you leave him only CRATE SESSION privilege.

Thread: user priviledge

Thread Tools

Display

Posting Permissions