Re: db_denydatawriter

From: Erland Sommarskog <esquel@xxxxxxxxxxxxx>
Date: Fri, 19 Oct 2007 21:50:50 +0000 (UTC)

Ant (Ant@xxxxxxxxxxxxxxxxxxxxxxxxx) writes:

I'm wondering. We have an application which uses its own login to interact
with this database. If a user has read write access for this application,
perhaps this also gives read write access on the database to this user?
Sounds dangerous but this might be what is happening perhaps?

No, the fact that a user has permission to run a certain Windows
executable, does not give her any permissions in SQL Server.

Did you check through Query Analyzer who she is really logged in as
when she use Enterprise Manager? Can she run UPDATE statements in QA
when logged in as herself?

--
Erland Sommarskog, SQL Server MVP, esquel@xxxxxxxxxxxxx

Books Online for SQL Server 2005 at
http://www.microsoft.com/technet/prodtechnol/sql/2005/downloads/books.mspx
Books Online for SQL Server 2000 at
http://www.microsoft.com/sql/prodinfo/previousversions/books.mspx
.

References:
- Re: db_denydatawriter
  - From: Uri Dimant
- Re: db_denydatawriter
  - From: Ekrem Önsoy
- Re: db_denydatawriter
  - From: Ant

Prev by Date: Re: what is the best way to store passwords and credit card information in SQL Server 2005?
Next by Date: Re: db_denydatawriter
Previous by thread: Re: db_denydatawriter
Next by thread: Re: db_denydatawriter
Index(es):
- Date
- Thread

Relevant Pages

Re: Complete Neophyte Question(s)
... I have a user named james on a database. ... WITH GRANT is one of the more esotheric features in SQL Server in my ... Or does that depend on the permission? ... CREATE USER erik ...
(microsoft.public.sqlserver.security)
RE: security problems with AD and SQL Server 2000
... I believe it is SQL server permission ... >The System developers group is placed into each users section of the ... >database for permitting database access to each database. ...
(microsoft.public.windows.server.active_directory)
Re: Alter Many Stored Procedures
... Books Online for SQL Server SP3 at ... >> What permission do I need to setup for a developer in order to change ... >> stored procedures in ABC database? ... Developer windows group is added to ...
(microsoft.public.sqlserver.security)
Re: How to protect SQL Server Express database from reverse engineerin
... prevent anyone from reverse engineering our database. ... I say within reasonable limits, ... Erland Sommarskog, SQL Server MVP, esquel@xxxxxxxxxxxxx ... Books Online for SQL Server 2005 at ...
(microsoft.public.sqlserver.security)
Re: Problem with my SQL 2000 Maintenance plans.
... I wouldn't use maint plan for this. ... using the most recent update of Books Online). ... If you do have a problem in the database, you want to be alerted so you can do ... >> option will most probably be removed in next version of SQL Server. ...
(microsoft.public.sqlserver.server)