Hi. I've just revoked all privilege of a user and granted Select All Tables only and nothing else, assuming this will make the user read-only.
Yet I have managed to insert a row into a table so what I did was obviously incorrect.
Is there an easy way to make a user read-only?
select any table and create session are all that are needed for a read only user.
for individual privs granted to a user.
dba_role_privs - for roles granted to user.
role_sys_privs - sys privs granted to a role
role_tab_privs - tab privs granted to a role
role_role_privs - roles granted to other roles.
This should help you figure out what role/privs a user has.
revoke those he/she doesn't need.
[Edited by Sureshy on 05-31-2002 at 09:30 AM]
Once you have eliminated all of the impossible,
whatever remains however improbable,
must be true.
If that user owns the tables you can't prevent him from inserting records into *his own* tables, even if you leave him only CRATE SESSION privilege.
ASCII a stupid question, get a stupid ANSI
24 hours in a day .... 24 beer in a case .... coincidence?
Click Here to Expand Forum to Full Width