Home | Contact Us | FAQ | Search & Site Map | Link to Us
Sign In | Join | Other 45 Sites in Network
Home
Discussion Groups
DB Engine
SQL ServerMSDESQL Server CE
Services
Analysis (Data Mining)Analysis (OLAP)DTSIntegration ServicesNotification ServicesReporting Services
Programming
CLRConnectivitySQLXML
Other Technologies
ClusteringEnglish QueryFull-Text SearchReplicationService Broker
General
Data WarehousingPerformanceSecuritySetupSQL Server ToolsOther SQL Server Topics
DirectoryUser Groups
Related Topics
MS AccessOther DB ProductsMS Server Products.NET DevelopmentVB DevelopmentJava DevelopmentMore Topics ...
SQL Server Forum / General / Security / October 2005

Tip: Looking for answers? Try searching our database.

User permissions problem/question

Thread view: 
Enable EMail Alerts  Start New Thread
Thread rating: 
Griff - 12 Oct 2005 13:55 GMT
Hi

I have a SQLServer with many databases.

I have set up a standard user that specifically has access to just one of
the databases and their permissions are restricted to just reading/writing
data within that database.

Within query analyzer, they can only see their user database; all other user
databases do not display.  This is great, but when they use Enterprise
Manager, they get to see (although not access) all the other user databases.
Is there any way to force these to be hidden?

Secondly, within both Enterprise Manager and Query Analyzer, they can see
and access the Master database (and other system databases).  This
potentially exposes further information about the other user databases (e.g.
looking at the sysobjects table).  I've not tried it, but they may be able
to edit data in the master DB tables too (which would be scary...).

What do I have to do to stop the user from being able to read data from the
master DB's tables?

Thanks

Griff
Reply to this Message
m.bohse@quest-consultants.com - 12 Oct 2005 14:49 GMT
Can't help you with your first issue, but on the second one there are
two things to do.

First if you don't want to give them any access remove the guest
account. But keep in mind that this also would disable the possibility
to use any system stored procedures like sp_help, sp_who etc.
So if your users need to execute certain stored procedures try
Second: evaluate the permissions for the public role in those
databases, you might want to limit these further.

M
Reply to this Message
Hemantgiri S.  Goswami - 13 Oct 2005 12:59 GMT
Hi,
as you said that u have restrict those user to only read/write on their db ,
its okay . AS far as system database concern yes they are able to view the
tables record as guest user is their but they will not able to change the
data in system database.
and if you are not sure the  try it . And  better practice is you MUST
CREATE A ROLE and the ASSIGN APPROPRIATE PERMISSION TO THAT ROLE AND THEN ADD
USERS TO THAT ROLE SO YOU DONT HAVE TO DO IT REPETITIVELY .

Regards
Reply to this Message
 
Sign In
Join
My Latest Posts
My Monitored Threads
My Blog
My Photo Gallery
My Profile
My Homepage
Start New Thread
Enable EMail Alerts
Rate this Thread



©2009 Advenet LLC   Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.