Re: Controlling create & drop proc, view privilege
From: Uri Dimant (urid_at_iscar.co.il)
Date: 10/28/04
- Previous message: Dan Guzman: "Re: Control over creation of procs & views owned by dbo"
- In reply to: Mani: "Controlling create & drop proc, view privilege"
- Next in thread: Sue Hoegemeier: "Re: Controlling create & drop proc, view privilege"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 28 Oct 2004 09:00:55 +0200
Mani
You can EXECUTION permission on the stored procedure for the user
Also ,you can remove him/her from sysadmin fixed server role but he/she
should be member db_owner fixed database and must qualified User.sp
"Mani" <Mani@discussions.microsoft.com> wrote in message
news:0C3FBF63-843E-465E-98C0-4BE9152BF08F@microsoft.com...
> Hi,
>
> Is there a way to allow a user, who has access to a db say "DevDB" as
> db_datareader, to only create & drop stored procs and views in DevDB. What
> extra permissions does the user need ?
>
> I tried playing with the "grant create proc to user" command. But it lets
> the user create procs with him as owner. In the current case, the
application
> needs all objects to be owned by dbo, so the user needs to be able to run
> "create proc dbo.tempProc as ..."
>
> In case there is a solution to the above, we might fall into the next
trap.
> since the user can create procedures with dbo as the owner, if the SP has
a
> drop table command, that would execute in the owners context and hence
would
> drop the table. Is that right ? I guess the question is when an SP is
> executed does it use the permissions of the owner of the SP or the user
> executing the SP
>
> --
> Mani
- Previous message: Dan Guzman: "Re: Control over creation of procs & views owned by dbo"
- In reply to: Mani: "Controlling create & drop proc, view privilege"
- Next in thread: Sue Hoegemeier: "Re: Controlling create & drop proc, view privilege"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
