Click here to Skip to main content
16,016,477 members
Home / Discussions / Database
   

Database

 
AnswerRe: How to access network file using SQL Server 2000 Pin
Ghazi H. Wadi3-Nov-07 23:19
Ghazi H. Wadi3-Nov-07 23:19 
QuestionSQL to return only first few records? Pin
jensenx21-Oct-07 17:50
jensenx21-Oct-07 17:50 
AnswerRe: SQL to return only first few records? Pin
N a v a n e e t h21-Oct-07 18:38
N a v a n e e t h21-Oct-07 18:38 
GeneralRe: SQL to return only first few records? Pin
jensenx21-Oct-07 21:10
jensenx21-Oct-07 21:10 
GeneralRe: SQL to return only first few records? [modified] Pin
GuyThiebaut22-Oct-07 1:28
professionalGuyThiebaut22-Oct-07 1:28 
GeneralRe: SQL to return only first few records? Pin
Pete O'Hanlon22-Oct-07 1:48
mvePete O'Hanlon22-Oct-07 1:48 
QuestionSecurity - Stored Procedure - Views - Tables Pin
DotNetWWW20-Oct-07 4:38
DotNetWWW20-Oct-07 4:38 
AnswerRe: Security - Stored Procedure - Views - Tables Pin
Colin Angus Mackay21-Oct-07 13:21
Colin Angus Mackay21-Oct-07 13:21 
DotNetWWW wrote:
the user which logs on to database has only EXECUTE Privilege on defined stored procedures and does not have any kind of access to any other object in database , In your opinion , Can Inserting into/Updating Views instead of Inserting into/Updating Tables cause any problem?and Is this model help improve security?


Adding the rights to the views increases your attack surface. The attack surface is the amount of your system that is potentially open to abuse.

You also say that you have tables, and corresponding views. If the view is defined as SELECT * FROM CorrespondingTable then I don't see any advantage in that.

My personal opinion is that the best solution in most cases is to allow access only to the stored procedures that are required. That way SQL Server has the ability to verify the data before modifying the database, it can also veto and request for information. Whereas access to tables and views gives much wider scope for an application to abuse the database.

DotNetWWW wrote:
Not that I access SQL Server Database from a .Net App.


I wouldn't think the type of application would make much difference.


Upcoming FREE developer events:
* Glasgow: SQL Server Managed Objects AND Reporting Services ...

My website

QuestionType mismatch error for date field (MS ACCESS) Pin
Trav120-Oct-07 3:00
Trav120-Oct-07 3:00 
AnswerRe: Type mismatch error for date field (MS ACCESS) Pin
Blue_Boy21-Oct-07 9:27
Blue_Boy21-Oct-07 9:27 
QuestionAmbiguous column name 'Primary_ID'. whats wrong?? Pin
Vimalsoft(Pty) Ltd18-Oct-07 22:59
professionalVimalsoft(Pty) Ltd18-Oct-07 22:59 
AnswerRe: Ambiguous column name 'Primary_ID'. whats wrong?? Pin
GuyThiebaut18-Oct-07 23:05
professionalGuyThiebaut18-Oct-07 23:05 
AnswerRe: Ambiguous column name 'Primary_ID'. whats wrong?? Pin
Colin Angus Mackay18-Oct-07 23:05
Colin Angus Mackay18-Oct-07 23:05 
GeneralRe: Ambiguous column name 'Primary_ID'. whats wrong?? Pin
Vimalsoft(Pty) Ltd18-Oct-07 23:10
professionalVimalsoft(Pty) Ltd18-Oct-07 23:10 
GeneralRe: Ambiguous column name 'Primary_ID'. whats wrong?? Pin
Colin Angus Mackay18-Oct-07 23:21
Colin Angus Mackay18-Oct-07 23:21 
Question@ and @@ parameters Pin
Sonia Gupta18-Oct-07 22:43
Sonia Gupta18-Oct-07 22:43 
AnswerRe: @ and @@ parameters Pin
Joe18-Oct-07 23:42
Joe18-Oct-07 23:42 
GeneralRe: @ and @@ parameters Pin
Sonia Gupta18-Oct-07 23:52
Sonia Gupta18-Oct-07 23:52 
AnswerRe: @ and @@ parameters Pin
Pete O'Hanlon21-Oct-07 10:06
mvePete O'Hanlon21-Oct-07 10:06 
AnswerRe: @ and @@ parameters Pin
squattyarun21-Oct-07 23:01
squattyarun21-Oct-07 23:01 
Questioncursors in functions Pin
Sonia Gupta18-Oct-07 22:40
Sonia Gupta18-Oct-07 22:40 
AnswerRe: cursors in functions Pin
Krish - KP18-Oct-07 23:24
Krish - KP18-Oct-07 23:24 
GeneralRe: cursors in functions Pin
Sonia Gupta18-Oct-07 23:35
Sonia Gupta18-Oct-07 23:35 
GeneralRe: cursors in functions Pin
Rocky#19-Oct-07 0:55
Rocky#19-Oct-07 0:55 
AnswerRe: cursors in functions Pin
neeraj_indianic19-Oct-07 19:25
neeraj_indianic19-Oct-07 19:25 

General General    News News    Suggestion Suggestion    Question Question    Bug Bug    Answer Answer    Joke Joke    Praise Praise    Rant Rant    Admin Admin   

Use Ctrl+Left/Right to switch messages, Ctrl+Up/Down to switch threads, Ctrl+Shift+Left/Right to switch pages.