SQL Server Security through TSQL

Question

SQL Server Security through TSQL

I want to build a transact sql script that will stop certain people from executing certain commands against all databases:

drop database, drop table or preferbly drop *

delete

update

Is it possible? The user will already have access to the server.

Note. I am not trying to develop a security model for the server or prevent a malicious attack. This is an existing server where people can have a number of access rights through the various Windows groups to which they belong. I just want to know if there is quick protection so that people do not mistakenly execute the command on the wrong server.

+5

security sql-server tsql

cindi Jan 21 '09 at 12:54

source share

6 answers

( caveat, , , )

, ( dbo)? , , , . GRANT , , REVOKE , , DENY , , - .

. MSDN.

+6

Marc Gravell 21 . '09 12:57

, , , - . , .

. , , , . .

http://www.wwwcoder.com/main/parentid/191/site/4004/68/default.aspx

+1

ccook 21 . '09 12:58

, drop, - -

, exec exec

print ( convert(varchar(50), 0x64726F7020646174616261736520616263))

exec .

DDL http://msdn.microsoft.com/en-us/library/ms190989.aspx

CREATE TRIGGER safety 
ON DATABASE 
FOR DROP_TABLE, ALTER_TABLE 
AS 
   PRINT 'You are not allowed to drop or alter tables!' 
   ROLLBACK
;

0

SQLMenace 21 . '09 15:26

Cindi - DENY permissions, .

. SQL ? , , SQL ?

, , DENY. , . , .

. , , , . DENY, GRANT Select ( , , ).

0

Mark Brittingham 21 . '09 15:43

SQL Server, , . , SQL Server, Oracle ( ).

, , . , .

, , , :

(, , )

.

0

Alarion 21 . '09 18:01

source share

K. Brian Kelley · Accepted Answer · 2009-01-23T19:03:58+0000

SQL Server 2005 2008, , , DDL. DDL , sysadmin - DDL. , , , .

SQL Server 2000 ( ), - /. , , SQL Server 2005 2008, .

SQL Server Security through TSQL

More articles: