This Toad 11 beta new feature made me so happy !
Not only you can specify a color for your connection (ex: red=prod, green=devl), and this color is much more visible than it was in previous version of TOAD, but now you can set your connection to be read-only.
For any reason, bored, ill, under pressure, tired, you may screw up your database one of those days.
I feel so good that I can now setup my prod connection to be read-only. It is REALLY cool.
Setting the connection read-only is a TOAD feature. As it is in beta it may not be 100% bullet-proof. Mostly it allows you to do only SELECT in the editor, even if you are logged in as SYSTEM or SYS.
Anything comparable in SQL Developer?
HI Laurent,
In SQL Dev this feature was already requested but hasn’t been implemented on 3.0 EA1 and i don’t think will make it on EA2 but read-only is already present on PL/SQL.
Dani
Hi Dani, what do you mean with readonly plsql?
Hi Laurent
Sounds great. Can you try whether selects over a database link work? Remember, a select over a database link needs to be ended by a commit or rollback. This could cause some troubles in read-only mode.
Have you already tested functions and procedures in read only mode?
Regards Dani
(not DanyC)
A dream come true !!! This feature can actually save thousands of dollars to some organisation !
How about SELECT * FROM table FOR UPDATE ?
Part of the problem is that Oracle makes this REALLY hard for a client to manage. You basically have to shut out anything that doesn’t start with SELECT (and now the WITH clause) and maybe “ALTER USER” to allow them to change their password.
Let’s hope the SQL Dev folks wake up and make this available. Long overdue. I shudder every time I see SQLDev and Toad being used by end users against production systems in their current form!
And it’s not just read only bit, it’s also the quaint habit of keeping cursors open across multiple windows, with the result that any production operation that requires a table lock (drop/recreate index, etc) gets put in the queue…
Pingback: Warm Fuzzy Feelings | The Pythian Blog
Hey, lots of responses over here!
About select for update and read-only access : so true, you can still select for update.
Read this:
http://blog.tanelpoder.com/2007/11/19/oracle-security-part-2-your-read-only-accounts-arent-that-read-only
About commit: no. Nothing else than SELECT and WITH.
Of course you could want to do an ALTER SESSION… but no, you cannot.
Also note that you can still run the most destructive queries in sqlplus with “Execute via sql*plus”.
Only the “Toad” is read-only, but the access to external tools is not managed…
Also note that your Toad password is cached, you can easily display it in clear text by displaying $UPW in an external tool (no, it is not a security leak, it is a feature 👿 )