Hi guys,

I'm encountering something strange.

I create a user, with no quota, object privileges and roles, but the 'CREATE SESSION' system privilege. (It is going to be used as a 'read only'-user, that reads data from a different user.) So I login via the new user and I can still SELECT on tables in different schema's and even update data in a different schemas! And I didn't grant the user any privileges...

I tried to give it a roll that only uses SELECT's, but he still can update rows. The role only has object privileges.

I tried to revoke update privileges from that user, but they were never granted so that didn't work (as was to be expected).

Am I overlooking something?
How do I stop the 'read-only'-user from altering data?

DB: Oracle 8.1.7.1.1

Help is very appreciated.

Erik