Contents
Limiting access to Isok is a clear first-step.
Installing Isok into a dedicated schema goes a long way toward
helping with this.
When a schema is created, only the owner has access.[10]So, unless GRANTs are issued,
access is limited by default.
Remember also, the ISOK_RESULTS table contains query output that may contain sensitive information to which access should be restricted. And, even if this is not true today, it may become true when additional queries are added to ISOK_QUERIES.
Even the queries in ISOK_QUERIES could, possibly, contain sensitive information.
[10] Yes, this is true of all objects. Only the owner has access to any newly-created object. But having a single point of access, the schema dedicated to Isok, that grants access to all of Isok, provides a very useful point of control that serves as an easily audited gateway to Isok's functionality.
Page generated: 2025-06-26T11:38:35-05:00.