Re: Using xp_smtp_sendmail from a stored proc
From: Dan Guzman (guzmanda_at_nospam-online.sbcglobal.net)
Date: 05/26/05
- Previous message: Dan Guzman: "Re: listening on... interfaces"
- In reply to: Support: "Re: Using xp_smtp_sendmail from a stored proc"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 26 May 2005 08:14:47 -0500
Also, the user database needs to be owned by 'sa' so that the ownership
chain is unbroken to the dbo-owned objects in the user database. The
security implications of 'db chaining' (a.k.a. cross-database chaining)
should be fully understood before enabling the option. The 'db chaining'
option should be enabled in an sa-owned database when only sysadmin role
members have permissions to create dbo-owned objects in that database.
-- Hope this helps. Dan Guzman SQL Server MVP "Support" <RemoveThis_Support@mail.oci.state.ga.us> wrote in message news:%23rGOFtTYFHA.3220@TK2MSFTNGP14.phx.gbl... >I had the same problem: > make sure the db chainning permissions thing is turned on > check sp_dboption > Terry > > "Uri Dimant" <urid@iscar.co.il> wrote in message > news:uuXZ47PYFHA.2520@TK2MSFTNGP09.phx.gbl... >> Rudi >> What is an error? Have you done dynamic sql inside your sp? >> >> "Rudi" <rla.remove@finarch.com> wrote in message >> news:%23XVwgnPYFHA.1868@TK2MSFTNGP14.phx.gbl... >>> That is what I have done, but I still get the error message in the >>> application that the user needs execute permissions on the extended >>> stored >>> proc... >>> >>> could anyone point me to some links that explain this behaviour? >>> >>> Thanks >>> >>> "Uri Dimant" <urid@iscar.co.il> wrote in message >>> news:OLuVJEHYFHA.712@TK2MSFTNGP14.phx.gbl... >>> > Rudi >>> > Grant EXECUTE permission on the stored procedure that you wrote >>> > >>> > "Rudi" <rla.remove@finarch.com> wrote in message >>> > news:%23dYJG3GYFHA.2588@TK2MSFTNGP14.phx.gbl... >>> >> Hi, >>> >> >>> >> I'd like to use the xp_smtp_sendmail extended stored procedure from a >>> >> procedure I wrote. >>> >> The normal procedure is installed as dbo on the database, but I still >>> >> need >>> >> to grant execute rights to the end-users (using integrated >>> >> security... >>> >> its >>> >> legacy) for the extended stored procedure. >>> >> >>> >> Of course, I'd rather not have to do that, as it exposes to my sql >> server >>> >> (mail spamming, files can be fetched from the server..). >>> >> >>> >> How can I set-up the security (or the stored proc) so that I do not >> need >>> > to >>> >> grant users the execute right on the extended stored proc. >>> >> (reminder: connection is made using integrated security) >>> >> >>> >> Thanks >>> >> Rudi >>> >> >>> >> >>> > >>> > >>> >>> >> >> > >
- Previous message: Dan Guzman: "Re: listening on... interfaces"
- In reply to: Support: "Re: Using xp_smtp_sendmail from a stored proc"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
