The product user profile is an Oracle table,
owned by the SYSTEM user, that contains a list of SQL*Plus command
restrictions by user. The table may contain role restrictions as well.
The name of this table used to be
product_user_profile. Now it is
product_profile, but a
exists to ensure backward compatibility.
Primarily, the aproduct user profile enables you to give end users access to SQL*Plus for reporting and ad hoc query purposes, yet restrict them from using SQL statements such as INSERT and DELETE that might damage production data.
Real-world applications typically implement many business rules, edit checks, and security at the application level rather than within the database. Modifying the data using an ad hoc tool, such as SQL*Plus, bypasses the rules and risks data integrity. Because of this, it's usually important to ensure that data are modified through the application, where the rules can be enforced.
If you give people an application that requires a database username and password, and those people have access to SQL*Plus, it won't be too long before some curious and adventurous soul will figure out that the same username and password that works for the application will work for SQL*Plus. Next thing you know, you will have someone running ad hoc queries that haven't been tuned, or, worse yet, you may have someone issuing ad hoc INSERT, UPDATE, or DELETE statements. ...