Home Page for the TeradataForum
 

Archives of the TeradataForum

Message Posted: Wed, 17 Aug 2005 @ 19:37:27 GMT


     
  <Prev Next>  
<<First
<Prev
Next> Last>>  


Subj:   Permissions to DBC.Databases / DBC.Tables
 
From:   Al MacGowan

I've got some issues where a "rogue user" got ahold of an application which enumerates system objects and provides them a GUI interface to whatever JDBC Driver they have for whatever database they have. That's all fine and dandy for them, but this has caused a problem for me, as this user was able to find Users to attempt to logon as. And they did just that. I know this is a procedure and business problem, but I reacted by denying SELECT from DBC.Databases and DBC.Tables from PUBLIC, and re-GRANTing it to "system-level" users, and "trustworthy" ROLEs.

I now have "not necessarily trustworthy" roles which are complaining they cannot use SQL Assistant or other tools that enumerate DBC.Tables to get their GUI apps to work. They can run HELP DATABASE and HELP TABLE statements, but it's not GUI.

Is there a way to handle this that anyone's been able to do? Is there some kind of row-level access that can be implemented, if so - would it be too dangerous potentially?

Any suggestions would be helpful. Thanks!


Alistair MacGowan
Senior Database Administrator



     
  <Prev Next>  
<<First
<Prev
Next> Last>>  
 
 
 
 
 
 
 
 
  
  Top Home Privacy Feedback  
 
 
Copyright for the TeradataForum (TDATA-L), Manta BlueSky    
Copyright 2016 - All Rights Reserved    
Last Modified: 15 Jun 2023