Tuesday, 10 April 2018

Oracle read only account

Create a new read only user or grant rights to existing user
  • create user new-user identified by pwd;
  • grant connect, create session, select any table to new-user;
Now you can select any object by prefixing with owner. If you want to browse dictionary objects you also need
  • grant select any dictionary to new-user;
For permanent users I always prefer to give specific access only to the objects needed and create synonyms to point to these objects. This gives a more generic source and also gives a better documentation of what this account is used for. And of course revoke the select any table right.

No comments:

Post a Comment