DBAsupport.com Forums - Powered by vBulletin
Results 1 to 5 of 5

Thread: New user updates tables without privileges?

  1. #1
    Join Date
    Oct 2002
    Location
    Breda, The Netherlands
    Posts
    317

    Question New user updates tables without privileges?

    Hi guys,

    I'm encountering something strange.

    I create a user, with no quota, object privileges and roles, but the 'CREATE SESSION' system privilege. (It is going to be used as a 'read only'-user, that reads data from a different user.) So I login via the new user and I can still SELECT on tables in different schema's and even update data in a different schemas! And I didn't grant the user any privileges...

    I tried to give it a roll that only uses SELECT's, but he still can update rows. The role only has object privileges.

    I tried to revoke update privileges from that user, but they were never granted so that didn't work (as was to be expected).

    Am I overlooking something?
    How do I stop the 'read-only'-user from altering data?

    DB: Oracle 8.1.7.1.1

    Help is very appreciated.

    Erik
    An expert is one who knows more and more about less and less until he knows absolutely everything about nothing.

  2. #2
    Join Date
    Nov 2000
    Location
    Israel
    Posts
    268
    Maybe you have granted update on table to public.

    use:
    select table_name, privilege
    from dba_Tab_privs
    where grantee = 'PUBLIC'
    and owner = '&table_owner'
    order by 1,2
    /

    cheers.
    It is better to ask and appear ignorant, than to remain silent and remain ignorant.

    Oracle OCP DBA 9i,
    C++, Java developer

  3. #3
    Join Date
    Oct 2002
    Location
    Breda, The Netherlands
    Posts
    317
    You're absolutely right!

    We have all kinds of roles that control authorisation, but some developer (I guess) has granted privileges to public. Grrr!!

    Thanks!
    An expert is one who knows more and more about less and less until he knows absolutely everything about nothing.

  4. #4
    Join Date
    Sep 2002
    Location
    England
    Posts
    7,334
    blame the developers, best way :-)

  5. #5
    Join Date
    Oct 2002
    Location
    Breda, The Netherlands
    Posts
    317
    I'm a Saint...
    An expert is one who knows more and more about less and less until he knows absolutely everything about nothing.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  


Click Here to Expand Forum to Full Width