Limiting database access with PRODUCT_USER_PROFILE
Can PRODUCT_USER_PROFILE be used to limit access to a database from products other than SQL*Plus, such as TOAD?
No, the PRODUCT_USER_PROFILE table is read by SQL*Plus and it is not employed by the database in any way. The features enabled or disabled by the entries in the PRODUCT_USER_PROFILE table only apply when using the SQL*Plus tool and do not apply when using any other tool to connect to the database. This is covered in the 9.2.0 documentation on SQL*PLus in this excerpt:
DBAs can use the PUP table to disable certain SQL and SQL*Plus commands in the SQL*Plus environment on a per-user basis. SQL*Plus--not the database--enforces this security. DBAs can even restrict access to the GRANT, REVOKE, and SET ROLE commands to control users' ability to change their database privileges.
This was first published in April 2004