Please start any new threads on our new
site at https://forums.sqlteam.com. We've got lots of great SQL Server
experts to answer whatever question you can come up with.
| Author |
Topic |
|
sdiwi
Starting Member
27 Posts |
 Posted - 2005-10-24 : 10:48:47
|
| hi.i just got a short question. i created a new user using system stored procs and gave him the rights to access 4 stored procedures.when i logged in with this user everything was alright. what seemed (and still seems) odd to me is, that this user was allowed to select from the systables.is that normal ?!? |
|
|
mcrowley
Aged Yak Warrior
771 Posts |
Posted - 2005-10-24 : 10:58:16
|
| Yep. The data dictionary is public domain information in SQL Server. Oracle is different, I believe. I am not sure what happens if you deny a user access to sysobjects. Never had a need to try. |
 |
|
|
sdiwi
Starting Member
27 Posts |
Posted - 2005-10-24 : 12:04:12
|
| omg ;) |
|
|
|
robvolk
Most Valuable Yak
15732 Posts |
Posted - 2005-10-24 : 12:36:25
|
| System tables in SQL Server are not updateable by default. There is a server-wide configuration setting that must be set before system tables can be updated. SELECTing data from a system table is not affected by this setting, and denying this permission may cause problems.SQL Server 2005 has done the extra step of removing and/or abstracting system tables so that they cannot be accessed directly. They have been replaced either with views or system functions. Many have been superseded by new system views that contain more information than the old system tables. |
|
|
|
|
|
|
user rights - every user may select from systables