People's attitudes about security—and its sibling, privacy—tend to reflect the way they move through life. On the one hand are folks who sleep with their windows open, talk loudly on their cell phone in public places, and have no problem giving out their Social Security number to anyone who asks for it. On the other hand are folks who may never go out after dark, lock their car door when they're at a self-serve gas station, and pay for everything with cash. And, of course, there are the bad guys: the ones the second group worries about.
In computer programming, there are also two extremes. There are the "full steam ahead" developers who focus only on the "business" functionality. Security? Huh? Not my job. There is also a class of techies who are increasingly concerned with protecting systems from electronic vandals and other miscreants. Some Oracle developers tend toward the first extreme, while DBAs usually tend toward the second. Security professionals are another group altogether; they are people who install network firewalls and spend a lot of time thinking about how to break into things.
Because security is something you cannot afford to ignore or save until the last minute, this chapter looks at the features and tools available to secure PL/SQL-based systems. Technology topics covered in this chapter include:
Security of each Oracle account, particularly your own
Database privileges and roles, and their impact on PL/SQL applications ...