Home Forums SQL Server 2016 SQL Server 2016 - Development and T-SQL Why Grant User View Definitions to Database Objects? RE: Why Grant User View Definitions to Database Objects?

  • September 25, 2017 at 10:55 am

    #1960807

    ScottPletcher - Monday, September 25, 2017 10:15 AM

    One of the main reasons to not give VIEW DEFINITION to users is so that they can't see the underlying physical table names.  If you let them know the physical table names anyway, then there'd be far less reason not to grant them VIEW DEF.

    Which is why access to data should *only* occur over views and not with direct access to the underlying tables.  Using the ENCRYPTION clause strengthens this form of obfuscation because the workaround using dynamic views to view a definition doesn't work.