RE: grant execute overrides user permissions

SSC Guru

Points: 323504

January 22, 2013 at 8:04 am

yep if you are granted execute to a proc, even if you, the caller, are denied permission to the underlying tables, the proc will execute.

is this a real problem for you, that a programmer or DBA changes a procedure from SELECT to UPDATE?

it sounds more like an issue with getting with the programmer, who should be creating new procedures to handle the update.

How is he modifying an existing procedure without otherwise reviewing all the code that used to call the procedure and change how they are handled?.

Lowell

--help us help you! If you post a question, make sure you include a CREATE TABLE... statement and INSERT INTO... statement into that table to give the volunteers here representative data. with your description of the problem, we can provide a tested, verifiable solution to your question! asking the question the right way gets you a tested answer the fastest way possible!