August 2, 2004 at 1:58 am
Just out of curiosity, do you use column permissions and/or views to restrict the columns that a user can see? Why did you choose your particular approach?
August 2, 2004 at 5:14 am
Personally I prefer SP's and VIEWS to access data. I prefer the 1st option because IF you remove all permissions to the tables and provide EXEC to sp's then you know that there can be no rogue programs out there taking down the system. VIEWs are good too because you can program what columns are in them and it is easier to manage them then COLUMNAR permissions.
Just what I have experienced in the past...
Good Hunting!
AJ Ahrens
webmaster@kritter.net
August 2, 2004 at 10:21 pm
Views. While SQL Server actually works at the column level, I've found that while most folks will check to see if a person has access to an object like a table, looking at the column level is an additional step they don't consider. Also, if you use views you don't have to give folks any access to the table itself so long as the owner of the view matches the owner of the table. Then you only have to give permissions on the view. This is a good use of ownership chaining and a recommended best practice.
K. Brian Kelley
@kbriankelley
Viewing 3 posts - 1 through 3 (of 3 total)
You must be logged in to reply to this topic. Login to reply