Controlling create & drop proc, view privilege
From: Mani (Mani_at_discussions.microsoft.com)
Date: 10/27/04
- Next message: Jasper Smith: "Re: Encryptin stored procedures"
- Previous message: Mani: "Control over creation of procs & views owned by dbo"
- Next in thread: Uri Dimant: "Re: Controlling create & drop proc, view privilege"
- Reply: Uri Dimant: "Re: Controlling create & drop proc, view privilege"
- Reply: Sue Hoegemeier: "Re: Controlling create & drop proc, view privilege"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 27 Oct 2004 14:33:04 -0700
Hi,
Is there a way to allow a user, who has access to a db say "DevDB" as
db_datareader, to only create & drop stored procs and views in DevDB. What
extra permissions does the user need ?
I tried playing with the "grant create proc to user" command. But it lets
the user create procs with him as owner. In the current case, the application
needs all objects to be owned by dbo, so the user needs to be able to run
"create proc dbo.tempProc as ..."
In case there is a solution to the above, we might fall into the next trap.
since the user can create procedures with dbo as the owner, if the SP has a
drop table command, that would execute in the owners context and hence would
drop the table. Is that right ? I guess the question is when an SP is
executed does it use the permissions of the owner of the SP or the user
executing the SP
-- Mani
- Next message: Jasper Smith: "Re: Encryptin stored procedures"
- Previous message: Mani: "Control over creation of procs & views owned by dbo"
- Next in thread: Uri Dimant: "Re: Controlling create & drop proc, view privilege"
- Reply: Uri Dimant: "Re: Controlling create & drop proc, view privilege"
- Reply: Sue Hoegemeier: "Re: Controlling create & drop proc, view privilege"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
