ThatJeffSmith

Toad for Oracle v11 New Feature: Read Only Connections

Toad is a powerful tool. It can do a lot of work in a short amount of time. This work can be destructive. I maintain both a development and production instance. How bad would it be if I accidently dropped or truncated a table mistakenly in the wrong database?

Of course I can only perform the tasks in the database which my login privileges allow. Even with all the safeguards, we can, and often do, still make mistakes.

Please do not ignore proper database security best practices!

Ok, now that I got that off my chest, the next version of Toad, currently in Beta, will allow for an extra layer of protection.

When you connect to a database, you have the option of defining that connection as ‘Read Only.’

We currently offer a separate download/installation of Toad called ‘Toad Read Only’ that prevents any connection from making changes in a session. In v11, a user will have the flexibility of saying, let my privs define what I can do in InstanceA, but in InstanceB, never let me make changes to objects to data – no matter what!

I have logged in AS SYSDBA, but Toad will still prevent me from even updating a simple table. If you try to get tricky and execute a script that contains DDL, we will catch that too.

Connections established as ‘Read Only’ will prevent:

  • INSERTs, UPDATEs, DELETEs
  • CREATEs, ALTERs, DROPs, TRUNCATEs
  • Please do not ignore proper database security best practices!

    Remember, this is to keep you from making a simple mistake with grave circumstances. This is not to help you avoid the task of locking down privileges for your database users.