Please start any new threads on our new
site at https://forums.sqlteam.com. We've got lots of great SQL Server
experts to answer whatever question you can come up with.
| Author |
Topic |
|
scooter_r
Starting Member
4 Posts |
 Posted - 2006-12-18 : 21:21:14
|
| Hi. If a user has access to a sql database in a vendor application, is there any way to prevent themm from accessing the database with query analyzer or other tool? since the new sql server express management tool can be downloaded for free 'm afraid that someone could directly hit the database and bypass the vendor app.thanks |
|
|
harsh_athalye
Master Smack Fu Yak Hacker
5581 Posts |
Posted - 2006-12-18 : 22:32:25
|
| Revoke all permissions from the user or better yet, you can disable the login entirely in SQL 2005 using ALTER LOGIN statement.Harsh AthalyeIndia."The IMPOSSIBLE is often UNTRIED" |
 |
|
|
scooter_r
Starting Member
4 Posts |
Posted - 2006-12-18 : 22:41:37
|
| Thank for the answer. however I don't want to keep the user from accessing the database, I just need to make sure taht they can't connect with query analyzer or sql server management studio. I need to make sure they are only connecting using the vendor's application. |
|
|
|
jen
Master Smack Fu Yak Hacker
4110 Posts |
Posted - 2006-12-19 : 01:57:53
|
| if the account information on the application connection is not embedded in the apps, or if the account credentials is entered into the system via apps...you can input the password yourself, but question is, if the apps is still in Dev and not in production, does the effort you're putting into this worth it?what do you expect the vendor to retrieve that he doesn't have permission to yet via application?--------------------keeping it simple... |
|
|
|
|
|
|
security question