Security role problem

From: "Tore G." <tgyl@xxxxxxxxxxxxxxxx>
Date: Sun, 25 Mar 2007 21:13:19 +0200

I have an SQL Server 2000 database with access project (.adp) front end
(client).

I have a security role that has the permission to run a stored procedure.
The stored procedure does a select and an update on a table. To make the
stored procedure run the security role have to be granted permission to do
select and update on the table.

The problem occurs when I attach this role to the client user of the
database.
This means that the end user can use excel, access or any other tool to
access the table directly and do updates of the table. I do not want this. I
would like the user to operate on the table via the stored procedure only,
not directly. How can this be fixed?

Regards

Tore

.

Follow-Ups:
- RE: Security role problem
  - From: Wei Lu [MSFT]

Prev by Date: Re: owned schema or role members?
Next by Date: Windows Authentication from a workgroup to a domain sql server
Previous by thread: Re: Security role problem
Next by thread: RE: Security role problem
Index(es):
- Date
- Thread

Relevant Pages

Re: Execute stored procedure only
... right to execute stored procedure in database called "mydatabase". ... deny on every permission and checked grant on execute. ...
(microsoft.public.sqlserver.security)
RE: Security context of stored procedure
... Suppose there are three users in a database TEST_CHAIN, ... simple stored procedure: ... also grant it to test_sp2 ... SELECT permission denied on object 'authors', database 'test_chain', owner ...
(microsoft.public.sqlserver.security)
Re: Execute stored procedure only
... You need CONNECT capability to be able to get into the database and execute ... You can compare this to having permission to eat a piece of pie, ... Should I not be able to just execute SP through QA? ... right to execute stored procedure in database called "mydatabase". ...
(microsoft.public.sqlserver.security)
Re: Stored procedure to drop and create table for end user
... > having permission on the database that they should not (like delete rows and ... > such) so the only thing the end user has access to is execute permission on ... > back with select permission not granted on a table the stored procedure is ... > tables (which i dont like doing considering some of them have sensative data ...
(microsoft.public.sqlserver.programming)
Re: Security context of stored procedure
... It seems that cross database tables are completely blocked from stored ... > grant exec ... > simple stored procedure: ... SQL Server will not check the permission of the ...
(microsoft.public.sqlserver.security)