Re: Newbie on permissions: ADO.NET, C++.NET, SQL SERVER 2005 EXPRESS, Visual Studio 2005

On Mar 29, 3:03 pm, Erland Sommarskog <esq...@xxxxxxxxxxxxx> wrote:
raylopez99 (raylope...@xxxxxxxxx) writes:


Do I understand this correctly that you want your user to have heavy
perms when connected through VS and your application, but not when it's
connected through Management Studio? There is no way you can assign
permissions per application. Permissions are per logins and users.

Of course, it's a legit requirement that a user should only be able to
access objects in the database through the application, as the application
then can control what the user can see and update. There are a couple of
ways to implement this requirement. The method that has been most tested
and rried is to use stored procedures. There are several ways that
permissions can be granted through stored procedures, whereof the most
useful is ownership chaining. If all stored procedures and tables are
owned by dbo, the users only need execute permissions to the stored
procedures.

There are ways to handle this without stored procedures, but I am less
of fond of these methods.


Thank you Erland. I see the problem is not as simple as I thought. I
also see I have two problems: one is what you addressed, the other is
more simple: how to use VS2005 from an account other than
"Administrator" when working on databases. So far I've not been able
to figure out this, and only use "Adminstrator" to code. This simple
question can be answered by an experienced user of VS2005, and is to
an extent a trivial question since I can do programming in VS as
"Administrator" (it's annoying to switch users using Windows XP Pro,
but it's only an annoyance, nothing more).

THanks for your help,

RL

.

Relevant Pages

  • Re: Help understanding Stored proc Level Secuirty?
    ... Jasper Smith (SQL Server MVP) ... I set permissions to my Stored Procedures, ... Access to stored procs fail ...
    (microsoft.public.sqlserver.security)
  • Re: Securing Stored Procedures from being seen
    ... PERMISSIONS works for the current user, whoever he may be, and however his rights were granted. ... username, but in SQL Server, there are too many users to map an individuals ... granting the group execute permissions. ... see the names of any stored procedures to which he has no rights. ...
    (microsoft.public.sqlserver.security)
  • Re: Newbie: Restrict user account access to stored procedures
    ... You can deny users permissions to directly access tables and views by adding ... SQL Server does not, to the best of my knowledge, support any database role, ... stored procedures. ...
    (microsoft.public.sqlserver.security)
  • Re: permissions required for executing CDOSys stored procedures
    ... sysadmin and who has not been granted specific execute permissions on the ... I don't know what version of SQL Server you are using, ... stored procedures within the database that call the sp_OACreate & ... Apparently only members of the sysadmin role can ...
    (microsoft.public.sqlserver.security)
Quantcast