Re: SQL 2005 public role

Tom
Yep ( I have just forgotten that he uses SQL Server 2005) , however I still
think it will be better to GRANT EXECUTE permissions rather using EXECUTE
AS command , (it is easy to forget REVERT and ect. )



"Tom Moreau" <tom@xxxxxxxxxxxxxxxxxxxx> wrote in message
news:ug9ojcmUGHA.3192@xxxxxxxxxxxxxxxxxxxxxxx
He can use EXECUTE AS in order to avoid granting permissions on the
underlying tables.

--
Tom

----------------------------------------------------
Thomas A. Moreau, BSc, PhD, MCSE, MCDBA
SQL Server MVP
Columnist, SQL Server Professional
Toronto, ON Canada
www.pinpub.com
.
"Uri Dimant" <urid@xxxxxxxxxxx> wrote in message
news:%23D52SXmUGHA.4660@xxxxxxxxxxxxxxxxxxxxxxx
Hi
Who is an owner of this SP?
Avoid adding logins to the public role. Grant an execution permission to
the
stored procedure ( be aware if you are using dynamic sql within this sp ,
you'll have to grant permissions on underlying tables as well)



"Franky" <Franky@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:37C732BA-FAD2-43F8-A0EF-1F23383674B8@xxxxxxxxxxxxxxxx
I've made a stored procedure stp_LogError which will be used to have a
central errorhandling system.
(So in the usermade stored procedures in the catch-block stp_Logerror
will
be used to log the error).
I've granted execute permissions for stp_LogError to the public role.
Afterward I added a NT-login to the server and added this login to the
role
public in the database.
I granted this user execute rights to a stored procedure in which
stp_Logerror is used.
When this user calls this stored procedure, this stored procedure
executes,
but when an error occurs we receive an execute permission denied on
stp_LogError for this user.

When I check the login for this user it is made a user in the database
through the role public.
When I check the role public in the database the user is not a member of
the role public.

I thaught that every user which is granted acces to a database is member
of
the public role, so when i granted execute rights for stp_logerror to the
public role, everyone (except the explicitly denied ones) would have
execute
rights on stp_LogError.

Can someone explain this to me




.

Relevant Pages

  • Re: IIS6 - CGI wont run on new website
    ... > Sounds like your CGI is broken and needs to be debugged. ... > Your customer did not correctly configure execute permissions for the ... > instead of execute on server. ... > This configuration controls how IIS handles such ambiguous URLs. ...
    (microsoft.public.inetserver.iis)
  • Re: SQL 2005 public role
    ... Grant an execution permission to the ... stored procedure (be aware if you are using dynamic sql within this sp, ... I've granted execute permissions for stp_LogError to the public role. ...
    (microsoft.public.sqlserver.security)
  • Re: Sql Server - Basic Permissions Question
    ... I have set EXECUTE permissions to the sp's as needed for the user. ... durring the execution of the stored procedure so long as the owner of the ... target table is the same as the owner of the stored procedure. ...
    (microsoft.public.sqlserver.security)
  • Re: SQL 2005 public role
    ... He can use EXECUTE AS in order to avoid granting permissions on the ... stored procedure (be aware if you are using dynamic sql within this sp, ... I've granted execute permissions for stp_LogError to the public role. ...
    (microsoft.public.sqlserver.security)
  • Re: Execute SP to access table with no select permissions
    ... create a stored procedure that runs the required ... Then just execute the SP from VB. ... > I have a stored procedure in the DB that the public role has execute privs ... This sp performs selects on 'refs' and returns a recordset to a VB ...
    (microsoft.public.sqlserver.security)