Security Model Using Invoker's Rights
Oracle RDBMS 12.2.0.1.0
We are starting a new development project and perhaps now is the time for a security model change. Development came to me for a READ account and a WRITE account. Access to the database is through PL/SQL Packages. That's a little unclear, so was thinking about adding something to their request.
DATA OWNER, CODE OWNER: PERMIT
PERMIT will own the objects and create its procedures with authid current_user to use Invoker's rights.
PERMIT grants execute to PERMIT READ and the required SELECT privs on objects
PERMIT grants execute to PERMIT_WRITE and the required S,I,U,D privs on objects