Thanks Bill, Make sense... db_link is probably then solution... Everything depends on concrete problem...
But I still think security should be reconsidered (I would use db_link just in case there is no other options - if we must let users to have direct access to DB)... I mean, in that case when we need log each request for some sensitive data - we would not allow some user direct access to DB where he would be able to do such thing BEGIN TRAN, execute function what returns sensitive data, ROLLBACK Tran; (or many other things...) at least there would be an application layer above DB... (concretly in our case - Users do not have access to DB at all... everything is through Web App, actually DB - Web Service - User Apps (Web, Windows, Mobile etc...)) Thanks, Misa 2012/1/25 Bill Moran <wmo...@potentialtech.com> > In response to Misa Simic <misa.si...@gmail.com>: > > > > But maybe it would be better to reorganise security on the way that users > > who do not need to have access to some data - simply do not have it > > (instead of to give them data and latter check log to confirm they have > > taken it...) > > In many cases that's not enough. For example with HIPAA in the US, a user > may be allowed to access data, but there still _has_ to be a log record > for each access. > > -- > Bill Moran > http://www.potentialtech.com > http://people.collaborativefusion.com/~wmoran/ >
