Oracle: make WORM (write-once, read-many) table?

Context: logging table changes, and we don't want to accidentally mess up the log entries. This is an internal, non-financial app, so we're not worried about hostile modification.

I thought I could just revoke delete/update, but it turns out you can't do that to yourself:

ORA-01749: you may not GRANT/REVOKE privileges to/from yourself

What's the most canonic开发者_运维技巧al way to do this?

You should not use triggers to enforce security requirements.

You should create the table owned by another schema, then only grant the necessary privileges (e.g. INSERT).

Make a BEFORE UPDATE and/or a BEFORE DELETE trigger on the table, which will ALWAYS raise an exception.