July 18, 2013 at 12:36 pm
Hello -
Found out that the DBA before me had db_datareader checked for a sensitive database. Now as I understand it that grants Select on all tables within that database. Correct?
This same service account also has a Securables set up to a View I'll call (A). The view is the only thing this Service Account should be able to select and see. View (A) calls up other tables in the same databases as well just as a side note.
My question is if I removed the db_datareader on that Servicve Account will that account now not be able to Select from the underlieing tables?
I hope that makes sense. We are to fix this with breaking the app but wanted to lock down the database.
Regards,
David
July 18, 2013 at 2:39 pm
Yes..data reader access will have select permission on the objects of the database.if you like to give only select permission on views then would have to explicitly give the views select only and public access on the database. So hope this is what you wanted??remove the db_datareader access and give select permission on views with public access to the database.
July 19, 2013 at 6:41 am
Rinu -
Thank you that is what I was looking for.
Regards,
David
Viewing 3 posts - 1 through 2 (of 2 total)
You must be logged in to reply to this topic. Login to reply