Managing access to PL/SQL code within the DB
We have development staff who, for various reasons, need to be able to perform comparisons of packages, procs, funcs, belonging to schema owners (not them) between environments, using tools such as TOAD, SQLNavigator, etc...
Thus far, I have only been able to come up with 3 methods to allow them to do this, each with its own "issues".
1) Grant select_catalog_role to the developer. Downside: In a 10G environment, this not only gives them access to code that we, the DBAs, have in-place for administration purposes, which MAY hold information that we would rather no one else be privy to (yes, I know we could/should wrap the code, but, for the moment that is not desireable), it also gives them the ability to see the hashed passwords of all users, which is, of course,a potential security hole.