Oracle DBA

How to block developing tools on Database March 23, 2012

Filed under: Database Security,Scripts — gaphydba @ 6:26 am

CONNECT / AS SYSDBA;

CREATE OR REPLACE TRIGGER block_tools_from_prod
AFTER LOGON ON DATABASE
DECLARE
v_prog sys.v_$session.program%TYPE;
BEGIN
SELECT program INTO v_prog
FROM sys.v_$session
WHERE  audsid = USERENV(‘SESSIONID’)
AND  audsid != 0  — Don’t Check SYS Connections
AND  ROWNUM = 1;  — Parallel processes will have the same AUDSID’s

IF UPPER(v_prog) LIKE ‘%TOAD%’ OR UPPER(v_prog) LIKE ‘%T.O.A.D%’ OR — Toad
UPPER(v_prog) LIKE ‘%SQLNAV%’ OR     — SQL Navigator
UPPER(v_prog) LIKE ‘%PLSQLDEV%’ OR — PLSQL Developer
UPPER(v_prog) LIKE ‘%BUSOBJ%’ OR   — Business Objects
UPPER(v_prog) LIKE ‘%EXCEL%’       — MS-Excel plug-in
THEN
RAISE_APPLICATION_ERROR(-20000, ‘Development tools are not allowed here.’);
END IF;
END;
/
SHOW ERRORS