Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
Is it possible to deny permissions for everything in SQL Server (e.g select, insert, etc) and give temporary permissions through stored procedures. I want to use only stored procedures to access data in sql database.
Is this possible or is there another way?
This is a good pattern supported my SQL Server.
Basically, whoever has permissions on the the stored procedures does not need any table permissions at all, if the proc and tables have the same owner (dbo usually). It’s called ownership chaining
Note: permissions on the tables are simply not checked in this situation, so explicit “DENY permissions” will be ignored too (DENY is different to “no permissions”)
The same applies to views, functions etc (eg view calling table, proc calling view, …)