Re: View Security
From: A.M (hate-spam@spam.com)
Date: 03/05/03
- Next message: Denny: "Re: View Security"
- Previous message: news@news.com: "Re: Re:Password"
- In reply to: Jasper Smith: "Re: View Security"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "A.M" <hate-spam@spam.com> Date: Wed, 5 Mar 2003 16:35:44 -0500
Sql2000 SP3
"Jasper Smith" <jasper_smith9@hotmail.com> wrote in message
news:u4NZ1s14CHA.3008@TK2MSFTNGP11.phx.gbl...
> What version and service pack are you on ?
>
> --
> HTH
>
> Jasper Smith (SQL Server MVP)
>
> I support PASS - the definitive, global
> community for SQL Server professionals -
> http://www.sqlpass.org
>
> "A.M" <hate-spam@spam.com> wrote in message
> news:O3RgoH14CHA.2288@TK2MSFTNGP10.phx.gbl...
> The user can see list of other users who can login into the database. I
> would say that is very very sensetive.
>
> "Tom Moreau" <tom@dont.spam.me.cips.ca> wrote in message
> news:OrBrn804CHA.2396@TK2MSFTNGP11.phx.gbl...
> By default, you can examine the system objects. I imagine you could
> revoke SELECT permission on the various tables, procs, etc. Metadata is
> generally not considered sensitive.
>
> --
> Tom
>
> ---------------------------------------------------------------
> Thomas A. Moreau, BSc, PhD, MCSE, MCDBA
> SQL Server MVP
> Columnist, SQL Server Professional
> Toronto, ON Canada tom@cips.ca
> www.pinnaclepublishing.com/sql
>
> "A.M" <hate-spam@spam.com> wrote in message
> news:#RQ7P204CHA.1676@TK2MSFTNGP12.phx.gbl...
>
> So you mean if we give small access to a user then the user will be
able
> to see all database structure ? That is terrible vulnerability.
>
> We have SCHEMA in Oracle so i can efficiently hide any part of
database
> from user. Do we have similar thing in SQL server? I know SqlServer 2000
has
> scema capability. Can it solve my problem ?
>
> Thanks,
> Ali
>
>
>
>
> "Tom Moreau" <tom@dont.spam.me.cips.ca> wrote in message
> news:#xtfKY04CHA.2408@TK2MSFTNGP09.phx.gbl...
> Well, yes and no. You can create a view, proc or function and
specify
> the WITH ENCRYPTION option. However, it is quite difficult to prevent
users
> from seeing a list of objects.
>
> --
> Tom
>
> ---------------------------------------------------------------
> Thomas A. Moreau, BSc, PhD, MCSE, MCDBA
> SQL Server MVP
> Columnist, SQL Server Professional
> Toronto, ON Canada tom@cips.ca
> www.pinnaclepublishing.com/sql
>
> "A.M" <hate-spam@spam.com> wrote in message
> news:O$KCE2z4CHA.2408@TK2MSFTNGP09.phx.gbl...
> Hi,
>
> Can i limit a user to just run a select statemet on a view, but do
> not allow
> him see the view definition or list of other database objects?
> If i make a login member of database public role, then that user
> will be
> able to see all database structue such as view/table/sp
definitions.
> We need to restrict a user and hide database structure from him.
All
> we want
> him to do is run a select statement on a view, but we don't want
him
> to see
> view structure.
>
> Any help would be appreciated,
> Ali
>
>
>
>
>
- Next message: Denny: "Re: View Security"
- Previous message: news@news.com: "Re: Re:Password"
- In reply to: Jasper Smith: "Re: View Security"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
