Index: Date Index | Thread Index

[Date Prev] | [Date Next] | [Thread Prev] | [Thread Next]

[OAUGNet]-Re: Read-only database account

Ahalya,

I would NOT suggest giving a 'select all' access to anyone in any environment without looking at access to sensitive data.  Your company should identify what it considers sensitive data and who should have access to it.  For example, it isn't appropriate for an analyst supporting GL to have access to HR data.  In addition, I'd suggest reading Integrigy's white paper on Oracle Applications Password Decryption and understand the risks in giving unlimited access to certain FND tables.  That white paper can be found here: (http://www.integrigy.com/security-resources).

Regards,
Jeffrey T. Hare, CPA CISA CIA


--- On Fri, 6/20/08, Shingireddy, Ahalya <Ahalya.Shingireddy@otsuka.com> wrote:

> From: Shingireddy, Ahalya <Ahalya.Shingireddy@otsuka.com>
> Subject: [OAUGNet]-Read-only database account
> To: "OAUG Net listserver" <OAUGNet@oaug.com>
> Date: Friday, June 20, 2008, 1:21 PM
> What are the best practices done for the read-only database
> accounts in production while giving access to
> super-user/developers? This came up as a part of our audit
> process.
> 
> I am looking for a script to create a read-only account for
> apps, which can access (select only) from all apps tables
> without specifying the schema owner.  Can anybody please
> share the script if you already have one?
> 
> Thanks for your suggestion.
> Ahalya
> 
> 
> #############################################################
> This message is sent to you because you are subscribed to
> the mailing list <OAUGNet@oaug.com>.
> To unsubscribe, E-mail to: <OAUGNet-off@oaug.com>
> To switch to the FEED mode, send any message to
> <OAUGNet-feed@oaug.com>
> To switch to the DIGEST mode, E-mail to
> <OAUGNet-digest@oaug.com>
> To switch to the INDEX mode, E-mail to
> <OAUGNet-index@oaug.com>
> Send administrative queries to 
> <OAUGNet-request@oaug.com>

#############################################################
This message is sent to you because you are subscribed to the mailing list <OAUGNet@oaug.com>.
To unsubscribe, E-mail to: <OAUGNet-off@oaug.com>
To switch to the FEED mode, send any message to <OAUGNet-feed@oaug.com>
To switch to the DIGEST mode, E-mail to <OAUGNet-digest@oaug.com>
To switch to the INDEX mode, E-mail to <OAUGNet-index@oaug.com>
Send administrative queries to  <OAUGNet-request@oaug.com>
  • Prev by Date: [OAUGNet]-Re: Read-only database account
  • Next by Date: [OAUGNet]-Re: Read-only database account
  • Previous by thread: [OAUGNet]-Re: Read-only database account
  • Next by thread: [OAUGNet]-Re: Read-only database account

    • Index: Date Index | Thread Index

    Thank you for using the OAUG Listserver Archive.