Maury Hammel wrote:
> Alexander Buloichik wrote:
>> Hi, All !
>> I commited patch for oracle plugin to sourceforge.
>> It detects how we connected to Oracle(as SYSTEM or ordinarily user)
>> display INSTANES and SESSIONS nodes only for SYSTEM
>> user, because only SYSTEM user can read this data from
>> server. Also it change display mode for USERS node. It
>> displays only current user for ordinarily user, and all
>> users for SYSTEM user.
> I don't know about anyone else, but I don't think this is a good
> 'fix'. SYSTEM is not the only user that can see that information. On
> the sites where I have worked with Oracle, SYSTEM is not routinely
> used as a login from remote tools -- in fact, it has been discouraged.
> I would suggest that this be changed to look to see if the user has
> the DBA role (and/or whatever other privileges are required to see
> that information) before removing it from the view.
Thanks for that observation. I was thinking that there are more cases
where a user other
than SYSTEM has access to v$session (like grant read access to v$session
a user). I would
want to find a reliable way of determing access to v$session, before
disabling the view.
(Maybe even perform the query and if it's successful, enable the view,
if not disable and
don't display and error message)
my two cents,
CollabraSpace - Revolutionary Collaboration
Visit us at http://www.collabraspace.com
This message has been scanned for viruses by