• No, not in SQL Server 2000 (there is help on the way in SQL Server 2005). When you run dynamic SQL in SQL Server 2000, it executes that code in a separate batch from the first. That means new security checks and ownership chaining is not continued from the calling stored procedure.

    You could create a view to restrict the columns accessible if a user doesn't need to see all the columns on a table and then give access to the view. While column-level permission is very viable, the view makes the security measure a little more obvious to the DBA and others who might look into it later.

    K. Brian Kelley