Re: New user with no permissions can see and execute system stored procedures...

Hehe.
No, you got me there. I can see and open the views, but no columns are
returned.

Thanks a lot for your help.

Best regards

Jan
"Uri Dimant" <urid@xxxxxxxxxxx> wrote in message
news:ePIYKZjAHHA.3560@xxxxxxxxxxxxxxxxxxxxxxx
Jan
Did you try to query them?



"Jan Nielsen" <jan_a_bilinfo.dk> wrote in message
news:ujUqC$aAHHA.3316@xxxxxxxxxxxxxxxxxxxxxxx
Hi Uri
Thanks for answering
I did this in the database:
deny view definition to [MyUser]

But I can still see system views and stored procedures (though not system
tables)

Am I doing anything wrong?



"Uri Dimant" <urid@xxxxxxxxxxx> wrote in message
news:e87y2yaAHHA.2328@xxxxxxxxxxxxxxxxxxxxxxx
Jan
Perhaps this may help you
ms-help://MS.SQLCC.v9/MS.SQLSVR.v9.en/udb9/html/151b7a2e-ab97-42ba-baf0-6929c5334e29.htm





"Jan Nielsen" <jan_a_bilinfo.dk> wrote in message
news:ugldrlaAHHA.5060@xxxxxxxxxxxxxxxxxxxxxxx
Hi all
Using SQL Server 2005, I create a new server login (logged in as sa)
and map it to a database user and set its default schema to dbo.

Now when I open the database the newly created user is able to see (in
SQL Server Management Studio GUI) and execute _system_ stored
procedures. All user created stored procedures can neither be seen nor
executed.
I have only tried to execute sys.sp_catalogs, but in my opinion a new
user should only have the right to connect and nothing else.

Does anyone know how to remove the permssion to see and execute system
stored procedures?

(I tried to delete the guest account but got an error saying that it
could not be deleted but it was disabled in the database).

Best regards

Jan Nielsen









.

Relevant Pages

  • Re: Execute Persmission denied on object sp_OACreate
    ... SQL Server doesn't check permissions on indirectly referenced objects as ... You can prevent ad-hoc execution of powerful master database procs while ... >I have a user who has execute permissions on a store procedure in a>database> which in turns executes 4 stored procedures in the master database. ...
    (microsoft.public.sqlserver.security)
  • Re: how to secure a sql 2005 database?
    ... that's why i rather keep my stored procedures in my own source code, then pass it thru to sqlexec to execute. ... its like quickbooks turning over their internal structures, which they really don't, but provide an api to export data out. ... so are you saying that i can't create a user and make that user the only valid user to get into the database, and unless you know the password, even admins, you cant open the database at all. ...
    (microsoft.public.sqlserver.setup)
  • Re: Grant Execute right to the group of users
    ... Below is a script that will grant execute permissions to the specified role ... on all user procedures in the current database. ... > How could I grant the execute right to all stored procedures in a database for a group of users? ...
    (microsoft.public.sqlserver.programming)
  • Re: New user with no permissions can see and execute system stored procedures...
    ... map it to a database user and set its default schema to dbo. ... SQL Server Management Studio GUI) and execute _system_ stored procedures. ...
    (microsoft.public.sqlserver.security)
  • Re: New user with no permissions can see and execute system stored procedures...
    ... But I can still see system views and stored procedures (though not system ... map it to a database user and set its default schema to dbo. ... SQL Server Management Studio GUI) and execute _system_ stored ... I have only tried to execute sys.sp_catalogs, but in my opinion a new ...
    (microsoft.public.sqlserver.security)