|
|
|
How to allow the database access via stored procedures ONLY?
|
|||
|---|---|---|---|
|
#18+
Hi all! I'm going to secure the database access now. Is it possible to allow any data manipulation such as insert, delete, update, select etc. from stored procedures only? It means no direct select's etc. Thx in advance. ... |
|||
|
:
Нравится:
Не нравится:
|
|||
| 12.06.2002, 17:31:35 |
|
||
|
How to allow the database access via stored procedures ONLY?
|
|||
|---|---|---|---|
|
#18+
Users will not be able to select\update\delete tables directly until they have been assigned that rights. <BR>Additionaly you can set deny select\update\delete table. <BR> <BR>Set to users right to execute stored procedures only. ... |
|||
|
:
Нравится:
Не нравится:
|
|||
| 12.06.2002, 17:50:02 |
|
||
|
How to allow the database access via stored procedures ONLY?
|
|||
|---|---|---|---|
|
#18+
Depending on how you'd like to handle it, you could create a role and grant execute to this role, instead of doing it for each and every user. select 'GRANT EXECUTE ON ' + name + ' TO XXXXX' from yourdb..sysobjects where type = 'P' and execute it's output to grant the role 'XXXXX' execute on all procedures in 'yourdb' database. This way you actually make sure that they do NOT have any permissions other than EXECUTE, unless otherwise granted exclusively, which could be tracked and eliminated. And do not forget to get rid of the GUEST user. ... |
|||
|
:
Нравится:
Не нравится:
|
|||
| 12.06.2002, 18:35:51 |
|
||
|
|
start [/forum/search_topic.php?author=Ice_&author_mode=last_topics&do_search=1]: |
0ms |
get settings: |
6ms |
get forum list: |
10ms |
get settings: |
8ms |
get forum list: |
15ms |
check forum access: |
3ms |
check topic access: |
3ms |
track hit: |
284ms |
get topic data: |
9ms |
get first new msg: |
5ms |
get forum data: |
2ms |
get page messages: |
30ms |
get tp. blocked users: |
1ms |
| others: | 413ms |
| total: | 789ms |
| 0 / 0 |
