Re: SQL Server 2005 Database Security
- From: "Uri Dimant" <urid@xxxxxxxxxxx>
- Date: Tue, 14 Nov 2006 16:43:21 +0200
Victor
You can grant an EXECUTE permission on the stored proceduers on database
level ,see(BOL). An exeption is if you are using dynamic SQL within a
stored procedure , then you'll have to grant SELECT/UPDATE/DELETE/UPDATE
permissions on underlying tables
"Victor" <Victor@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:BE15EE7D-39C3-4DD7-93D0-C72D7CAD7E04@xxxxxxxxxxxxxxxx
Hello,
I would like to provide a level of security for a database by allowing a
login just to call a set of stored procedures in the database and not be
able
to access the tables directly.
Looks to me like a very basic thing to ask for. However, there doesn't
seem
to be an obvious way to achieve this. If one of the stored procedures
reads/writes from/to a table, I have to grant the appropriate permissions
to
that login and therefore that login can perform any read/write from/to the
table - without being restricted to the way the stored procedure does
these
operations.
Can someone (maybe someone in Microsoft) explain how to achieve what I
want
- or, alternatively state that you just can't do this in SQL Server 2005?
Thanks,
Victor
.
- Prev by Date: Re: modify xp_cmdshell to easily allow access to it
- Next by Date: Re: Login failed for user '(null)'
- Previous by thread: Re: 'MSDAORA' was unable to begin a distributed transaction - why?
- Next by thread: Re: SQL Server 2005 Database Security
- Index(es):
Relevant Pages
|
|
