How to Secure ALL_SOURCE using a Policy (DBMS_RLS) to Hide Body Implementations (Doc ID 333654.1)

Last updated on AUGUST 29, 2017

Applies to:

PL/SQL - Version 9.2.0.1 and later
Information in this document applies to any platform.
***Checked for relevance on 24-Aug-2017***


Goal

Prevent users from using ALL_SOURCE to browse the source code of the implementation body of types and packages of which they have execute privilege but do not own. ALL_SOURCE must remain available to allow users to view the package and type specification.

Note: The wrap utility does allow the source code specification to be encrypted but the goal here is to make the body invisible so that no rows are returned when ALL_SOURCE is queried in that situation.

 

<Note 1009035.6>  proposes an approach that consists or wrapping the package to be secured with another package, however this approach can be impractical if a large number of packages need to be secured.

Solution

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms