April 18, 2011 at 5:28 am
Hi,
Should I tinker with the default permission that the public role has on a default installation of SQLServer 2008?
I notice that the public role has alot of permission on catalog views, and execution rights. If I run a query on the masater db for example I see that the public role has 1843 different grants (select and execute).
April 18, 2011 at 5:41 pm
Public Role is just a gateway for the Server and database level after you assign the public role then you assigns other role also
Regards,
Syed Jahanzaib Bin Hassan
MCTS | MCITP | OCA | OCP | OCE | SCJP | IBMCDBA
Regards,
Syed Jahanzaib Bin Hassan
BSCS | MCTS | MCITP | OCA | OCP | OCE | SCJP | IBMCDBA
My Blog
www.aureus-salah.com
April 20, 2011 at 3:18 am
The public role has a lot of grants, that is true, but it should typically be left alone. Otherwise you could put your SQL Server in an unsupported state.
Also, with SQL Server 2005 the catalog views and system stored procedures that report on metadata restrict what is displayed to what the user has access to see. So, for instance, if you don't have permissions to MyTable in MyDatabase, when you check sys.objects in MyDatabase, you won't see MyTable. So even though there are grants on objects which are used system-wide, realize that there are other mechanisms in place to secure the SQL Server.
K. Brian Kelley
@kbriankelley
Viewing 3 posts - 1 through 2 (of 2 total)
You must be logged in to reply to this topic. Login to reply