Results 1 to 6 of 6
  1. #1
    Join Date
    Mar 2003
    Posts
    223

    Unanswered: Security stored procedures

    Hello, everyone:

    How to security the stored procedures? I want to prevent the stored procedures to be changed accidently. Thanks.

    ZYT

  2. #2
    Join Date
    Nov 2002
    Location
    Jersey
    Posts
    10,322
    Ummmm...

    Don't grant access?
    Brett
    8-)

    It's a Great Day for America everybody!

    dbforums Yak CorralRadio 'Rita
    dbForums Member List
    I'm Good Once as I ever was

    The physical order of data in a database has no meaning.

  3. #3
    Join Date
    Mar 2003
    Posts
    223
    Originally posted by Brett Kaiser
    Ummmm...

    Don't grant access?
    Hello, Brett:

    Thanks for replay. I am confused. Because the clients are allowed to access the tables that are in the same database as SPs. How to limite them access SPs, but tables?

    ZYT

  4. #4
    Join Date
    Nov 2002
    Location
    Jersey
    Posts
    10,322
    Do you have books online?

    Did you look up GRANT

    What's your security model?
    Brett
    8-)

    It's a Great Day for America everybody!

    dbforums Yak CorralRadio 'Rita
    dbForums Member List
    I'm Good Once as I ever was

    The physical order of data in a database has no meaning.

  5. #5
    Join Date
    Jun 2003
    Location
    Ohio
    Posts
    12,592
    Provided Answers: 1
    I think he wants to prevent changes to the procedure code, Brett.

    Look up CREATE PROCEDURE in Books Online, and you will see there is an option called WITH ENCRYPTION.

    I will warn you that the encryption is not very strong, and methods of breaking it have been posted on the internet.
    If it's not practically useful, then it's practically useless.

    blindman
    www.chess.com: "sqlblindman"
    www.LobsterShot.blogspot.com

  6. #6
    Join Date
    Mar 2003
    Posts
    223
    Originally posted by blindman
    I think he wants to prevent changes to the procedure code, Brett.

    Look up CREATE PROCEDURE in Books Online, and you will see there is an option called WITH ENCRYPTION.

    I will warn you that the encryption is not very strong, and methods of breaking it have been posted on the internet.
    Hello, Blindman:

    Thanks. You are correct. I have used
    CREATE PROC name
    WITH ENCRYPTION
    AS

    From T-SQL definition, the users who are not allowed access the database cannot change SPs that are stored in syscomments table. I am wondering if the users who are clients of database can access the SPs.

    ZYT

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •