Re: Column level security

From: ray (raywagoner@aristotle.net)
Date: 07/27/02 

From: "ray" <raywagoner@aristotle.net>
Date: Sat, 27 Jul 2002 14:53:48 -0700

I have also come to that conclusion, but I really want to
have the query return values for the columns not denied
and not return values for the columns denied. I don't
want it to substitute values, "#name" is what I generally
get on non returned (or undefined) values with upsized
Access database. I want every one to be able to use the
same form with the same query but only allow admins to
see the SS#. I have not found an acceptable workaround.

***ray***
>-----Original Message-----
>Ray,
>
>> Want to
>> get less important group to get everything except
denied
>> column without modifing query.
>
>To the best of my knowledge, not possible. DENY
doesn't "substitute" values
>.... it, as the name implies, denies access to the
database object.
>
>My suggestion:
>Create a view that excludes the restricted columns. DENY
permissions on the
>base table. GRANT SELECT permissions on the view.
>
>-------------------------------------------
>BP Margolin
>Please reply only to the newsgroups.
>When posting, inclusion of SQL (CREATE TABLE ...,
INSERT ..., etc.) which
>can be cut and pasted into Query Analyzer is appreciated.
>
>"ray" <raywagoner@aristotle.net> wrote in message
>news:17bf01c23586$56a7c300$a4e62ecf@tkmsftngxa06...
>> Have assigned select perm to a table and deny perm to a
>> column within that table. Made query that included
denied
>> column. When admin ran query, got all columns. When
less
>> important group ran query got no columns at all. Want
to
>> get less important group to get everything except
denied
>> column without modifing query.
>>
>> Result wanted for admin:
>> john 000-00-0000 manager 555-1212
>>
>> Result wanted for others:
>> john #name manager 555-1212
>
>
>.
>

Relevant Pages

  • + Trivantis CourseMill Enterprise Learning Management System - SQL Injection - CVE-20
    ... The username field on the login page is susceptible to SQL injection... ... Trivantis and CourseMill are registered trademarks of Trivantis. ... The logins are unencrypted and stored in the "Admin" table. ... Sample Query Logs from Exploiter Beta: ...
    (Bugtraq)
  • Re: Summing time worked by an individual on a weekly basis
    ... query going without the inapplicable records in the other tables change ... TypeOfTime (Toil, Lunch, Holiday, TravelTo, TravelFrom, Etc.) ... bulk of activities undertaken by the team) - Admin, ... which pull out the data for each adviser from each table and then adds ...
    (microsoft.public.access.queries)
  • Re: Search sub-form without writing exactly what is contained in query field
    ... will this work if say I type 'Admin' and 'Finance' in the same ... firstly I want to search all staff who have 'finance' ... Is there a way of searching a sub-form (reading from a query) without ... Manager' and 'Finance Manager' appeared as part of the results? ...
    (comp.databases.ms-access)
  • Re: Query that calls value from one table field to another table f
    ... Table Name: Admin ... "Jeff Boyce" wrote: ... I may not use the same definition of the term "populate". ... query is run. ...
    (microsoft.public.access.queries)
  • Re: Queries & table locking
    ... as users do not use the database; it simply serves as a source for ... interprets the current user as admin. ... The query is a make-table query, ... If instead of running a make-table query, ...
    (microsoft.public.access.queries)