April 26, 2005 at 8:11 am
Hello All,
I have created a database role on a particular database which a READ access to 10 tables only within that database. Now, I added 5 logins (domain id) in sql server where tha said database is hosted and made them a part of the role mantioned above.
Somehow, these users are also able to read all the stored proc present in that database. Some stored procs contain sensitive logins and passwords and I want to revoke the read access form all the stored proces present.
I have a hunch that since by default every users added into a database becomes a part of public group, the stored proces are also accessed through the poblic role.
Can anybody pls suggest how to overcome this ..??
Regards
April 26, 2005 at 8:34 am
Revoke "exec" permission from public role and grant it only to some individuals.
April 27, 2005 at 12:40 am
"Somehow, these users are also able to read all the stored proc present in that database"
Are you worried that the users can read the text inside your stored procedures? or that users can execute the stored procedures and get results ?
Julian Kuiters
juliankuiters.id.au
April 27, 2005 at 10:04 pm
"Some stored procs contain sensitive logins and passwords"
You might want to think about encrypting these stored procs.
As an alternative you might want to think about storing the id & encrypted passwords elsewhere, say a table that only authorized people have access to, and retrieve them during at execution time and only grant execute permissions on the proc to the appropriate people.
Viewing 4 posts - 1 through 3 (of 3 total)
You must be logged in to reply to this topic. Login to reply