Archives of the TeradataForum
Message Posted: Wed, 17 Aug 2005 @ 19:37:27 GMT
I've got some issues where a "rogue user" got ahold of an application which enumerates system objects and provides them a GUI interface to whatever JDBC Driver they have for whatever database they have. That's all fine and dandy for them, but this has caused a problem for me, as this user was able to find Users to attempt to logon as. And they did just that. I know this is a procedure and business problem, but I reacted by denying SELECT from DBC.Databases and DBC.Tables from PUBLIC, and re-GRANTing it to "system-level" users, and "trustworthy" ROLEs.
I now have "not necessarily trustworthy" roles which are complaining they cannot use SQL Assistant or other tools that enumerate DBC.Tables to get their GUI apps to work. They can run HELP DATABASE and HELP TABLE statements, but it's not GUI.
Is there a way to handle this that anyone's been able to do? Is there some kind of row-level access that can be implemented, if so - would it be too dangerous potentially?
Any suggestions would be helpful. Thanks!
|Copyright 2016 - All Rights Reserved|
|Last Modified: 28 Jun 2020|