Please start any new threads on our new
site at https://forums.sqlteam.com. We've got lots of great SQL Server
experts to answer whatever question you can come up with.
| Author |
Topic |
|
sparrow37
Posting Yak Master
148 Posts |
 Posted - 2010-07-20 : 11:43:40
|
| Hi all:IS there a way in sql server 2005 so that we can make stored procedures secure and user can see tables and data but can not see and run the stored procedures where as applications can still use those stored procedures.Regards,Asif Hameed |
|
|
tkizer
Almighty SQL Goddess
38200 Posts |
Posted - 2010-07-20 : 13:10:08
|
| Don't provide the user db_owner or ddl_admin. Don't provide EXEC to any stored procedures. To make them secure, you could encrypt them. Although I hear that you can easily decrypt them. But if the application authenticates each user to using their user account, then you can not secure them. You'd instead have to create an application account that only the application uses. This is known as application authentication. Tara KizerMicrosoft MVP for Windows Server System - SQL Serverhttp://weblogs.sqlteam.com/tarad/Subscribe to my blog |
 |
|
|
|
|
|
permissions to sql server stored procedures.