Re: View Security
From: Tom Moreau (tom@dont.spam.me.cips.ca)
Date: 03/05/03
- Next message: A.M: "Re: View Security"
- Previous message: A.M: "Re: View Security"
- In reply to: A.M: "Re: View Security"
- Next in thread: Jasper Smith: "Re: View Security"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Tom Moreau" <tom@dont.spam.me.cips.ca> Date: Wed, 5 Mar 2003 15:05:19 -0500
Well, without their passwords, there isn't much they can do. Certainly, table structure is unimportant. If a user is allowed to use a view, they should know what columns it has and what the datatypes are.
-- Tom --------------------------------------------------------------- Thomas A. Moreau, BSc, PhD, MCSE, MCDBA SQL Server MVP Columnist, SQL Server Professional Toronto, ON Canada tom@cips.ca www.pinnaclepublishing.com/sql "A.M" <hate-spam@spam.com> wrote in message news:O3RgoH14CHA.2288@TK2MSFTNGP10.phx.gbl... The user can see list of other users who can login into the database. I would say that is very very sensetive. "Tom Moreau" <tom@dont.spam.me.cips.ca> wrote in message news:OrBrn804CHA.2396@TK2MSFTNGP11.phx.gbl... By default, you can examine the system objects. I imagine you could revoke SELECT permission on the various tables, procs, etc. Metadata is generally not considered sensitive. -- Tom --------------------------------------------------------------- Thomas A. Moreau, BSc, PhD, MCSE, MCDBA SQL Server MVP Columnist, SQL Server Professional Toronto, ON Canada tom@cips.ca www.pinnaclepublishing.com/sql "A.M" <hate-spam@spam.com> wrote in message news:#RQ7P204CHA.1676@TK2MSFTNGP12.phx.gbl... So you mean if we give small access to a user then the user will be able to see all database structure ? That is terrible vulnerability. We have SCHEMA in Oracle so i can efficiently hide any part of database from user. Do we have similar thing in SQL server? I know SqlServer 2000 has scema capability. Can it solve my problem ? Thanks, Ali "Tom Moreau" <tom@dont.spam.me.cips.ca> wrote in message news:#xtfKY04CHA.2408@TK2MSFTNGP09.phx.gbl... Well, yes and no. You can create a view, proc or function and specify the WITH ENCRYPTION option. However, it is quite difficult to prevent users from seeing a list of objects. -- Tom --------------------------------------------------------------- Thomas A. Moreau, BSc, PhD, MCSE, MCDBA SQL Server MVP Columnist, SQL Server Professional Toronto, ON Canada tom@cips.ca www.pinnaclepublishing.com/sql "A.M" <hate-spam@spam.com> wrote in message news:O$KCE2z4CHA.2408@TK2MSFTNGP09.phx.gbl... Hi, Can i limit a user to just run a select statemet on a view, but do not allow him see the view definition or list of other database objects? If i make a login member of database public role, then that user will be able to see all database structue such as view/table/sp definitions. We need to restrict a user and hide database structure from him. All we want him to do is run a select statement on a view, but we don't want him to see view structure. Any help would be appreciated, Ali
- Next message: A.M: "Re: View Security"
- Previous message: A.M: "Re: View Security"
- In reply to: A.M: "Re: View Security"
- Next in thread: Jasper Smith: "Re: View Security"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
