So here's the situation: I'm creating a front-end application to an SQL Server 2000 database and I need to create a new login to the database for the app.
Is it possible (or even; is it a good idea...) to create a logon that only has access to a single table?
Actually, I know it's possible - but I don't want to have to go through the hundreds of tables and deny access to them all! So I guess the question is;
Is there a quick and easy way of granting a login permissions to a single table only?Aha! I think I might have cracked it...
Create a new database role and then a new login who can have that role :)
However, the question of "should I do this" still stands.|||Why not?
I don't understand what your concern is.
For a single logon, you could even grant the access directly without bothering with a role.|||Ooh, how do I do that?|||The same way you grant access to a role.
Remember, though, that every login is a member of the PUBLIC role, so you will need to make sure that PUBLIC does NOT have access to any of the objects in the database.|||How did I miss that button before?! Woods and trees, eh.
The public role only has access to sys tables and dt* SPs; I don't have a problem with that.
I just figured this was the easiest and most effective way of implementing security on the FE. This is definately a route I will use again in the future :)
Thanks Blinddudesql
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment