Select statement security
From: Riccardo Piccini (sviluppo_at_edp.it)
Date: 06/03/04
- Next message: Sven Peeters: "Cannot generate SPPI Context"
- Previous message: Rand Boyd [MSFT]: "RE: SQL Server Agent Proxy Account logon Failed"
- Next in thread: Sue Hoegemeier: "Re: Select statement security"
- Reply: Sue Hoegemeier: "Re: Select statement security"
- Reply: Narayana Vyas Kondreddi: "Re: Select statement security"
- Reply: Stephen Strong: "RE: Select statement security"
- Reply: Paul Ibison: "Re: Select statement security"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 3 Jun 2004 17:15:08 +0200
Hi everybody!
I've a table "SALARY" like this:
NAME SALARY DEPT
John 3000,00 01
Mike 3100,00 01
Angela 2000,00 02
... ... ...
My DB users are USR1 and USR2
I would like that the statement "SELECT * FROM SALARY" return:
1) ALL the rows if the user running the above query is USR1
2) ONLY the rows for DEPT='02' if the user running the above query is USR2
Obviously, this is a security issue!!! (I mean, I know the use of the
"WHERE" clause, this is not my question!)
Is there a way (t-sql, stored procedure, trigger, or anything else) to do
this?!?! I would like that this security level was granted even if the query
is run directly from Query Analyzer by USR2, for example.
Thanks in advance!
-- Riccardo Piccini Supporto Software EDP SERVICE SRL
- Next message: Sven Peeters: "Cannot generate SPPI Context"
- Previous message: Rand Boyd [MSFT]: "RE: SQL Server Agent Proxy Account logon Failed"
- Next in thread: Sue Hoegemeier: "Re: Select statement security"
- Reply: Sue Hoegemeier: "Re: Select statement security"
- Reply: Narayana Vyas Kondreddi: "Re: Select statement security"
- Reply: Stephen Strong: "RE: Select statement security"
- Reply: Paul Ibison: "Re: Select statement security"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
