Re: Exec permissions on Stored Procedure
- From: Erland Sommarskog <esquel@xxxxxxxxxxxxx>
- Date: Wed, 06 Aug 2008 14:35:02 -0700
gv (viator.gerry@xxxxxxxxx) writes:
Seems the more objects you give permissions to the more risk there is?
Logical to me.
If I'm Admin and say I want someone to run that SP, shouldn't matter who
owns what objects used in that SP.
I can agree that the idea the if the procedure owner has permission to the
table, that should be enough. Rick gave a good example, but to me it is a
little contrived - I've heard of a site actually doing things like that.
And in any case, if Production has granted Marketing access with the GRANT
option (which permits Marketing to grant other the permission), there is
no reason from a security point of view that it should not work. And
obviously, if the procedure is dbo, there is no security issue at all.
Instead the answer rather "it is the way it is of technical and legacy
reasons". You are on SQL 2000, but if you read my article, you saw that
SQL 2005 offers new mechanism that are more whole-covering.
--
Erland Sommarskog, SQL Server MVP, esquel@xxxxxxxxxxxxx
Books Online for SQL Server 2005 at
http://www.microsoft.com/technet/prodtechnol/sql/2005/downloads/books.mspx
Books Online for SQL Server 2000 at
http://www.microsoft.com/sql/prodinfo/previousversions/books.mspx
.
- References:
- Exec permissions on Stored Procedure
- From: gv
- Re: Exec permissions on Stored Procedure
- From: Mark B
- Re: Exec permissions on Stored Procedure
- From: Erland Sommarskog
- Re: Exec permissions on Stored Procedure
- From: Mark B
- Re: Exec permissions on Stored Procedure
- From: gv
- Exec permissions on Stored Procedure
- Prev by Date: Re: Exec permissions on Stored Procedure
- Next by Date: Re: Locked Out of Local Instance
- Previous by thread: Re: Exec permissions on Stored Procedure
- Next by thread: Re: Exec permissions on Stored Procedure
- Index(es):
Relevant Pages
|
