Home Forums Article Discussions Article Discussions by Author Discuss Content Posted by Robert Marda When to Use Dynamic SQL RE: When to Use Dynamic SQL

  • February 11, 2002 at 6:52 am

    #423650

    mbova:

    I think the major thing about security is this:

    Normally you can give execute permissions to a user for a stored procedure and the stored procedure will run fine.

    However, with dynamic SQL in a stored procedure the permissions do not carry over to the code that is dynamic and so if the user has execute permissions to the stored procedure but not to a table in the dynamic SQL then they will get a permissions failure error.

    In our database all users by default have read permissions so for us this is not an issue.

    Robert Marda

    Robert W. Marda
    Billing and OSS Specialist - SQL Programmer
    MCL Systems