hi again
i have an account with its password
with specific permissions,
i have to deny, then, the access
to the rest of the objects ?
i.e. systems stored proc, tables , etc ?
thanks
--
atte,
Hernán Castelo
SGA - UTN - FRBADepends what you want.
The user will only have access to those objects it is granted so there is no
need to deny.
But if the user is then added to a role which has other permissions (or they
are given to public) it will gain them.
If this is not what you want then you should deny permissions as well.
I usually only deny dbwriter to read only accounts and leave the rest to
gain from granted permissions
"Hernán Castelo" wrote:
> hi again
> i have an account with its password
> with specific permissions,
> i have to deny, then, the access
> to the rest of the objects ?
> i.e. systems stored proc, tables , etc ?
> thanks
>
> --
> atte,
> Hernán Castelo
> SGA - UTN - FRBA
>
>|||i'm asking because
i entered with a restricted account
and was able to exec SP_HELPTEXT
and i don't wish that
denying dbwriter sounds good,
how can i disable these type of sp's ?
atte,
Hernán Castelo
SGA - UTN - FRBA
"Nigel Rivett" <sqlnr@.hotmail.com> escribió en el mensaje
news:FA87EBFA-AE01-4BDD-8869-E62687DB27FB@.microsoft.com...
> Depends what you want.
> The user will only have access to those objects it is granted so there is
no
> need to deny.
> But if the user is then added to a role which has other permissions (or
they
> are given to public) it will gain them.
> If this is not what you want then you should deny permissions as well.
> I usually only deny dbwriter to read only accounts and leave the rest to
> gain from granted permissions
> "Hernán Castelo" wrote:
> > hi again
> > i have an account with its password
> > with specific permissions,
> > i have to deny, then, the access
> > to the rest of the objects ?
> > i.e. systems stored proc, tables , etc ?
> >
> > thanks
> >
> >
> > --
> > atte,
> > Hernán Castelo
> > SGA - UTN - FRBA
> >
> >
> >|||Everyone can see the source code, I'm afraid. Closest you can come is creating the procedures using
the WITH ENCRYPTION option (note however that there exists tools to decrypt...).
--
Tibor Karaszi, SQL Server MVP
http://www.karaszi.com/sqlserver/default.asp
http://www.solidqualitylearning.com/
"Hernán Castelo" <bajopalabra@.hotmail.com> wrote in message
news:OO0nNnM0EHA.3416@.TK2MSFTNGP09.phx.gbl...
> i'm asking because
> i entered with a restricted account
> and was able to exec SP_HELPTEXT
> and i don't wish that
> denying dbwriter sounds good,
> how can i disable these type of sp's ?
>
> --
> atte,
> Hernán Castelo
> SGA - UTN - FRBA
> "Nigel Rivett" <sqlnr@.hotmail.com> escribió en el mensaje
> news:FA87EBFA-AE01-4BDD-8869-E62687DB27FB@.microsoft.com...
> > Depends what you want.
> > The user will only have access to those objects it is granted so there is
> no
> > need to deny.
> > But if the user is then added to a role which has other permissions (or
> they
> > are given to public) it will gain them.
> > If this is not what you want then you should deny permissions as well.
> >
> > I usually only deny dbwriter to read only accounts and leave the rest to
> > gain from granted permissions
> >
> > "Hernán Castelo" wrote:
> >
> > > hi again
> > > i have an account with its password
> > > with specific permissions,
> > > i have to deny, then, the access
> > > to the rest of the objects ?
> > > i.e. systems stored proc, tables , etc ?
> > >
> > > thanks
> > >
> > >
> > > --
> > > atte,
> > > Hernán Castelo
> > > SGA - UTN - FRBA
> > >
> > >
> > >
>
No comments:
Post a Comment