Scribd
Upload
18 views6 pages

04.5security in SQL Server

Uploaded by

Chamodh Dewanka
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
18 views6 pages

04.5security in SQL Server

Uploaded by

Chamodh Dewanka
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
You are on page 1/ 6

Security in SQL Server

Security Conflicts
Group User
Granted access to table Denied access to table
Denied access to table Granted access to table
Db_datareader No Rights
Db_datawriter Db_denydatareader
Db_denydatareader Db_owner

Db_denydatareader Sysadmin
Sysadmin Denied all access
Group User Effective Rights for User
Granted access to table Denied access to table Denied
Denied access to table Granted access to table Denied
Db_datareader No Rights Can Read
Db_datawriter Db_denydatareader Can Write but no read
Db_denydatareader Db_owner Can do anything but no
reads
Db_denydatareader Sysadmin Can do anything
Sysadmin Denied all access Can do anything
Rule when Conflicts
Denial of Access always outweighs grant of access
except when the user is the system admin or the super
user.
Accessing View/Procedure
Myth?
• To access a VIEW/Stored Procedure, the user needs permission on
underling tables?
By default, all database objects have owners.
When an object such as a stored procedure references another object, an ownership chain is
established.
When an unbroken ownership chain exists, access is permitted to the underlying objects when
access is permitted to the top level objects.
Direct access to the objects is still not provided.

You might also like