Understanding of permissions

From: Jon Rosenbaum (jrosenbaum@sscinc.com)
Date: 03/06/03


From: "Jon Rosenbaum" <jrosenbaum@sscinc.com>
Date: Thu, 6 Mar 2003 09:50:27 -0500


I have a database with stored procs that handle the record
insert/update/delete requests so that our application's front end is not
directly issuing these commands. If I set up a user on the database with
execute permissions on the stored procs, how come the user would still need
SELECT permissions if the proc issues a select statement? Would this logic
filter through the other permissions as well? The whole point of this
permission set up is to not allow the user to directly make any
modifications to the data.

Any insight would be appreciated.

Jon



Relevant Pages

  • Re: Sql permissions headache
    ... at the bottom of all of the scripts I create for database object ... apply permissions to that object on creation. ... Read and write permissons are easy to address but stored procs are ...
    (microsoft.public.sqlserver.security)
  • Re: Sql permissions headache
    ... sync the databases and stored procs. ... By scripting all of your database objects and the permissions ... Knowing which permissions to assign each group is not going to be easy... ...
    (microsoft.public.sqlserver.security)
  • Re: Sql permissions headache
    ... By scripting all of your database objects and the permissions ... Knowing which permissions to assign each group is not going to be easy... ... creation (tables, views, stored procs, etc.), I put a GRANT statement to ...
    (microsoft.public.sqlserver.security)
  • Re: SQL 2000 Windows Authentication - Same User Multiple Groups
    ... App1 contains CRUD functionality using stored procs (EXEC perms on ... UpdateResearch stored procs. ... execute UpdateResearch. ... view-level permissions such that we can permit/deny a database action ...
    (microsoft.public.sqlserver.security)
  • Re: SQL 2000 Windows Authentication - Same User Multiple Groups
    ... App1 contains CRUD functionality using stored procs (EXEC perms on ... Resarch group (of which he is also a member), ... execute UpdateResearch. ... view-level permissions such that we can permit/deny a database ...
    (microsoft.public.sqlserver.security)