Oracle Security By William Heney, Marlene Theriault
Table of Contents
Chapter 14. Maintaining User Accounts
14.3 Documenting the User State
An application such as the one we've just discussed one that simplifies the task of maintaining users and roles does not necessarily help with the documentation of what has been done. That function could be built into the application, but it is not advised. People do make mistakes during development, and documenting the finished product is easier. The term "documentation" in this context means the creation of script files that will recreate the architecture of the database particularly the assignment of roles to users and the declaration of the user default roles. This documentation is useful for several purposes, but the primary one is to assist with database recovery. If backups are done regularly, these scripts will probably never be used. Murphy, however, seems to work in every computer shop.
Most of the information in the data dictionary is already documented by the scripts the DBA creates. The assignment of roles to users is rather dynamic, particularly in the early phases of development of a system. A script to extract that information from the data dictionary would be handy; we provide one in the following section.