Public Role Permissions

  • Apologies for what appears to be a basic question but I'm trying to get to grips with SQL2005 security.

    I've created a SQL user with no access, so by default it only gets the public role.  When I look at the 'effective permissions' from the login screen I see it has 'connect' and 'view any database'.  However what I cant see against any of the public roles in and database is where its coded that anyone has 'view any database'. Whenever I go into a public roles securables, nothing is checked.

    Yes I can just remove 'view any database' from my new login, but what I want to do (as a test and to understand where it is), is revoke 'view any database' from the public role.  Perhaps someone can precisely direct me.

    thanks very much guys.... 

  • There are views in the master database that have 'select' granted to public.  I don't know if you'd want to restrict those views or not, but I hope you have a test box.

    database_files                          

    database_mirroring                  

    database_mirroring_endpoints        

    database_permissions                

    database_principal_aliases          

    database_principals                 

    database_recovery_status            

    database_role_members               

    databases

  • Thanks for your comment.

    All I want to do is revoke 'view any database' from Public.  There must be a way to do this in 2005 via Management Studio??

     

Viewing 3 posts - 1 through 2 (of 2 total)

You must be logged in to reply to this topic. Login to reply