Re: View Security

From: Tom Moreau (tom@dont.spam.me.cips.ca)
Date: 03/05/03


From: "Tom Moreau" <tom@dont.spam.me.cips.ca>
Date: Wed, 5 Mar 2003 14:38:53 -0500

By default, you can examine the system objects. I imagine you could revoke SELECT permission on the various tables, procs, etc. Metadata is generally not considered sensitive.

-- 
Tom
---------------------------------------------------------------
Thomas A. Moreau, BSc, PhD, MCSE, MCDBA
SQL Server MVP
Columnist, SQL Server Professional
Toronto, ON Canada   tom@cips.ca
www.pinnaclepublishing.com/sql
  "A.M" <hate-spam@spam.com> wrote in message news:#RQ7P204CHA.1676@TK2MSFTNGP12.phx.gbl...
  So you mean if we give small access to a user then the user will be able to see all database structure ? That is terrible vulnerability.
  We have SCHEMA in Oracle so i can efficiently hide any part of database from user. Do we have similar thing in SQL server? I know SqlServer 2000 has scema capability. Can it solve my problem ?
  Thanks,
  Ali
    "Tom Moreau" <tom@dont.spam.me.cips.ca> wrote in message news:#xtfKY04CHA.2408@TK2MSFTNGP09.phx.gbl...
    Well, yes and no.  You can create a view, proc or function and specify the WITH ENCRYPTION option.  However, it is quite difficult to prevent users from seeing a list of objects.
    -- 
    Tom
    ---------------------------------------------------------------
    Thomas A. Moreau, BSc, PhD, MCSE, MCDBA
    SQL Server MVP
    Columnist, SQL Server Professional
    Toronto, ON Canada   tom@cips.ca
    www.pinnaclepublishing.com/sql
      "A.M" <hate-spam@spam.com> wrote in message news:O$KCE2z4CHA.2408@TK2MSFTNGP09.phx.gbl...
      Hi,
      Can i limit a user to just run a select statemet on a view, but do not allow
      him see the view definition or list of other database objects?
      If i make a login member of database public role, then that user will be
      able to see all database structue such as view/table/sp definitions.
      We need to restrict a user and hide database structure from him. All we want
      him to do is run a select statement on a view, but we don't want him to see
      view structure.
      Any help would be appreciated,
      Ali


Relevant Pages

  • Re: View Security
    ... I imagine you could revoke SELECT permission on the various tables, procs, etc. Metadata is generally not considered sensitive. ... Columnist, SQL Server Professional ... able to see all database structue such as view/table/sp definitions. ... We need to restrict a user and hide database structure from him. ...
    (microsoft.public.sqlserver.security)
  • Re: Second Question: How can i Update database structure ?
    ... database structure without manipulating the data's on that database. ... - In Microsoft SQL Server Management Studio ... If you don't want to drop and reload tables, ... Books Online for SQL Server 2005 at ...
    (microsoft.public.sqlserver.tools)
  • Re: Strange behavior seen on sql server
    ... SQL Server validates your each TSQL batch at compile-time by checking column ... names against the database structure. ... and DML code entirely separate, this shouldn't normally be a problem in ... this in a single script is to put GO between the two statements to separate ...
    (microsoft.public.sqlserver.server)
  • Re: View Security
    ... The only thing if we can also hide is list of server logins. ... I assigned the deny permissions to this role, and assigned the user to the role in both master and the test database. ... Columnist, SQL Server Professional ... We need to restrict a user and hide database structure from him. ...
    (microsoft.public.sqlserver.security)
  • MS SQL Server - a plethora of limitations...
    ... there are limitations in SQL Server, ... still cannot produce a decent version of MS SQL Server, ... No create or replace for functions / procs. ... > RefID1 int not null foreign key references ForKey ...
    (microsoft.public.sqlserver.programming)