September 19, 2017 at 9:10 am
I have setup a user defined role to grant members of the role certain access to database objects like Tables, Views and Stored Procedures. I have granted them the usual Select, Insert, Delete, Update for Tables; Select for Views and Execute for Stored Procs. My questions is should I also be granting my users n this role the ability to View Definitions for these objects as well? There are loads of examples on the net for how to grant users View Definition ability, but I have not found anything that explains under what circumstances you would want to grant users the View Definition ability. I understand that it allows users to see the metadata for an object, but it is not clear to me why a user would need this ability. I would very much appreciate if someone here could enlighten me on when and why this permission should be granted.Thanks for the info.
Andrew J
September 19, 2017 at 9:21 am
Andrew
If, for example, the users will be troubleshooting performance problems, then they'll need to know the definitions of stored procedures, data types of columns and so on. That's one example of why they'd need the VIEW DEFINITION permission.
John
September 19, 2017 at 9:27 am
Thanks John. I guess I can just grant View Definitions as the default. Are there any situations you can think of where you would not want to grant View Definitions on a Table, View or Stored Procedure?
September 19, 2017 at 9:32 am
Well, yes - if the users don't need the permission, don't grant it. Follow the principle of least privilege.
John
September 19, 2017 at 9:53 am
Fair enough. I understand the principal of granting the minimum privileges required. What is still not clear to me is what is the risk of granting this View Definitions access? Is there some reason why allowing users the ability to View Definitions would be a bad thing?
September 19, 2017 at 9:59 am
Probably the best reason not to grant the permission is that you want to keep your database design confidential.
John
September 19, 2017 at 10:02 am
OK. I think I understand. It is only a bad thing if there is some table, view or SP that I don't want people to see the design.
September 19, 2017 at 10:06 am
Sorry. One more clarification. Does View Definition also allow users to see the columns details of a table if trying to connect from an external source like if they want to use the Get Data From SQL Server Database from MS Excel for example? If I revoke View Definitions does that mean they could not see table details when using the Get Data function from Excel?
September 19, 2017 at 10:09 am
I don't know - I've never used that. But it should be fairly easy for you to test out.
John
September 19, 2017 at 11:49 am
andrew.jones 69458 - Tuesday, September 19, 2017 9:10 AMI understand that it allows users to see the metadata for an object, but it is not clear to me why a user would need this ability.
They don't usually. The people who need that permission are those writing queries against the database (so that they can see what structures they're querying), not the users using an existing application.
Gail Shaw
Microsoft Certified Master: SQL Server, MVP, M.Sc (Comp Sci)
SQL In The Wild: Discussions on DB performance with occasional diversions into recoverability
September 25, 2017 at 8:58 am
A point from my side is that if a person doesn't need VIEW DEFINITION and the reason is that a person shouldn't be able to view the underlying code in views, functions r stored procedures is sensitivity then use the ENCRYPTION clause to prevent them being able to query other objects to obtain the definition.
Here a good link:
https://www.mssqltips.com/sqlservertip/2964/encrypting-and-decrypting-sql-server-stored-procedures-views-and-userdefined-functions/
September 25, 2017 at 10:15 am
One of the main reasons to not give VIEW DEFINITION to users is so that they can't see the underlying physical table names. If you let them know the physical table names anyway, then there'd be far less reason not to grant them VIEW DEF.
SQL DBA,SQL Server MVP(07, 08, 09) "It's a dog-eat-dog world, and I'm wearing Milk-Bone underwear." "Norm", on "Cheers". Also from "Cheers", from "Carla": "You need to know 3 things about Tortelli men: Tortelli men draw women like flies; Tortelli men treat women like flies; Tortelli men's brains are in their flies".
September 25, 2017 at 10:55 am
ScottPletcher - Monday, September 25, 2017 10:15 AMOne of the main reasons to not give VIEW DEFINITION to users is so that they can't see the underlying physical table names. If you let them know the physical table names anyway, then there'd be far less reason not to grant them VIEW DEF.
Which is why access to data should *only* occur over views and not with direct access to the underlying tables. Using the ENCRYPTION clause strengthens this form of obfuscation because the workaround using dynamic views to view a definition doesn't work.
Viewing 13 posts - 1 through 12 (of 12 total)
You must be logged in to reply to this topic. Login to reply