DENY ALL on system SPs in a database

ALL,

We are currently undergoing a SQL injection attack. While I have denied all access to system tables in the databases for the account in question, I was wondering if there is any risk in denying execute rights on all the system stored procedures in the database as well for this account (which is a sql account I created for our web applications to use)

We are currently using MSSQL Server 2000 in the windows environment

Thoughts?

Thank you in advance!

Mike
.

Relevant Pages

  • E*Trades database systems?
    ... Does anyone know what database vendor and middleware vendors are used ... address information in their multiple databases. ... Account verification forms that popup when the user logs in. ... is unable to remove these forms after a customer has completed it. ...
    (comp.databases)
  • Re: Joining tables from two databases
    ... This posting is provided "AS IS" with no warranties, and confers no rights. ... Hitchhiker's Guide to Visual Studio and SQL Server ... I'm not really following how you are solving it using a service account. ... Are these 2 databases are SQL Server? ...
    (microsoft.public.dotnet.framework.adonet)
  • Re: public role???
    ... The guest user account cannot be removed from ... > databases, but not ... then that's the way SQL Server ...
    (microsoft.public.sqlserver.security)
  • Re: Joining tables from two databases
    ... Hitchhiker's Guide to Visual Studio and SQL Server ... account with rights to both tables. ... to create a connection I need to use a connection ... Are these 2 databases are SQL Server? ...
    (microsoft.public.dotnet.framework.adonet)
  • Re: Read Only User - One Database
    ... No....nothing about someone creating the guest account but I ... don't know what databases the user is accessing. ... >> that user permissions to select from all user tables. ...
    (microsoft.public.sqlserver.security)