Toad World® Forums

TOAD Role


#1

SEE ATTACHMENT

acip.vcf (298 Bytes)

image001.jpeg

image001.jpeg

image003.gif

image004.jpeg

image005.gif
acip.vcf (328 Bytes)


#2

To do to basic things in Toad, all you need is the CREATE SESSION privilege.
Unless you’ve gone and revoked a lot of things from PUBLIC, then that
should be enough. Once you get into things like the session browser and other
specialized windows, they will usually tell you what you need to use the window.
If you ever find this is not the case, let us know.
image005.gif


#3

To do to basic things in Toad, all you need is the CREATE SESSION privilege.
Unless you’ve gone and revoked a lot of things from PUBLIC, then that
should be enough. Once you get into things like the session browser and other
specialized windows, they will usually tell you what you need to use the window.
If you ever find this is not the case, let us know.
image004.jpeg


#4

To do to basic things in Toad, all you need is the CREATE SESSION privilege.
Unless you’ve gone and revoked a lot of things from PUBLIC, then that
should be enough. Once you get into things like the session browser and other
specialized windows, they will usually tell you what you need to use the window.
If you ever find this is not the case, let us know.
image002.jpeg


#5

To do to basic things in Toad, all you need is the CREATE SESSION privilege.
Unless you’ve gone and revoked a lot of things from PUBLIC, then that
should be enough. Once you get into things like the session browser and other
specialized windows, they will usually tell you what you need to use the window.
If you ever find this is not the case, let us know.
image001.jpeg


#6

To do to basic things in Toad, all you need is the CREATE SESSION privilege.
Unless you’ve gone and revoked a lot of things from PUBLIC, then that
should be enough. Once you get into things like the session browser and other
specialized windows, they will usually tell you what you need to use the window.
If you ever find this is not the case, let us know.
image003.gif


#7

Afternoon Aci,

is there a list of DB Privileges, user should have to run TOAD for ORACLE??
Toad uses only the privs that the account it is logged in to has. So if
that account only has CREATE SESSION then the toad session can’t do much
other than connect.

If on the other hand, the account has full SYSDBA rights, then the Toad
session can do anything at all.

With user I mean a simple user, running Schema Browser and simple
tasks in Editor.
Running the schema browser requires access to various USER_ and ALL_
views (if access to the DBA_ versions are not allowed). Editing requires
some other privileges depending on what you are trying to do in the editor.

If your editor session says “create table …” then to execute it
requires CREATE TABLE rights, and so on.

basically, your application user should be set up in the database
correctly (in an ideal world) and the Toad connection will then be
correct for everything that that account has been permitted to do within
the database.

HTH


Cheers,
Norm. [TeamT]


#8

Another way to say this is that toad is like a shotgun or firearm. You must know
basic things or you could shoot yourself (or if you’re a US VP your
shooting buddy). Toad can do whatever your DBA has given you rights to do. So if
you have been given truncate table priv – then toad will let you do it.
Toad does not ever and cannot ever circumvent your oracle privs. But there are
several ways in toad to say toad take away certain powers even if I have been
granted them so that I am sure to never shoot myself in the foot J

Look at on online help about toad read only, toad security and toad server
manager ……


#9

SEE ATTACHMENT
image002.jpeg


#10

SEE ATTACHMENT
acip.vcf (328 Bytes)


#11

SEE ATTACHMENT
image001.jpeg


#12

SEE ATTACHMENT
image003.gif


#13

SEE ATTACHMENT
image004.jpeg


#14

SEE ATTACHMENT
image005.gif


#15

–an example is to view DB privs for GRANTEE of SYS
select * FROM DBA_TAB_PRIVS where GRANTEE=‘SYS’;

norm…does this look right?

Martin Gainty


please do not alter or disrupt this transmission. thank you


#16

Hi Martin,

select * FROM DBA_TAB_PRIVS where GRANTEE=‘SYS’;

norm…does this look right?

Sort of, yes. Unfortunately you have to consider DBA_COL_PRIVS,
DBA_ROLE_PRIVS, DBA_TAB_PRIVS and DBA_SYS_PRIVS too. And, you also need
to get a little recursive as well.

I use a script named “find_all_privs” written by Pete Finnegan (and
amended by me!) to extract the full list of what the list of privs an
account actually has.

You can find the script at http://www.petefinnigan.com/tools.htm or
download direct from http://www.petefinnigan.com/find_all_privs.sql.

Highly recommended.

Cheers,
Norm. [TeamT].

Information in this message may be confidential and may be legally privileged. If you have received this message by mistake, please notify the sender immediately, delete it and do not copy it to anyone else.

We have checked this email and its attachments for viruses. But you should still check any attachment before opening it.
We may have to make this message and any reply to it public if asked to under the Freedom of Information Act, Data Protection Act or for litigation. Email messages and attachments sent to or from any Environment Agency address may also be accessed by someone other than the sender or recipient, for business purposes.

If we have sent you information and you wish to use it please read our terms and conditions which you can get by calling us on 08708 506 506. Find out more about the Environment Agency at www.environment-agency.gov.uk