Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
I’m still trying to get my head around LINQ and accessing a SQL Database.
I was always taught that you should only have execute permissions of stored procedures to your data.
You should never have select / insert / update / delete.
(This is because of performance and security)
To get the data out of LINQ you obviously need select permissions. I know you can use stored procs with LINQ, but since I can’t do joins what’s the point?
Have I missed something???
1) We’re programmers, not DBA fascists. If your requirements state that the database must be locked down 100%, Linq is not for you. I’m not a DBA, so I believe that most of the performance/security hype is just that. Linq is for me.
2) You can do joins with linq.
@Philippe: Linq automatically transforms evaluations into query parameters, so it provides some sql injection protection. However, you still have to closely evaluate your requirements to determine how much security you need and at what levels. Linq makes dealing with the database much easier, but it makes it easier to put secuirty design on the back burner, which is a bad thing.