Tag Archives: database permissions
-
EXECUTE AS USER vs EXECUTE AS LOGIN
1July 26, 2022 by Kenneth Fisher
I use impersonation a lot. It’s a really easy way to check if someone has the permissions they are supposed …
Continue readingCategory: Microsoft SQL Server, Security, SQLServerPedia Syndication | Tags: database permissions, Impersonation, microsoft sql server, principals, security, server permissions
-
The public role
2May 23, 2018 by Kenneth Fisher
A common misunderstanding is that the CONNECT permission lets you do more than just connect to a database. It doesn’t. …
Continue readingCategory: Microsoft SQL Server, Security, SQLServerPedia Syndication | Tags: database permissions, microsoft sql server, roles, security
-
Who should own the database?
7January 15, 2018 by Kenneth Fisher
TL;DR; SA, or if you are really paranoid then you can create a disabled SQL login with minimal permissions and …
Continue readingCategory: Impersonation, Microsoft SQL Server, Security, SQLServerPedia Syndication | Tags: best practices, database permissions, microsoft sql server, security
-
Simple Security Report
2May 1, 2017 by Kenneth Fisher
Quite a while ago I created a couple of little security scripts to help me out with permissions research. Over …
Continue readingCategory: Microsoft SQL Server, Security, SQLServerPedia Syndication | Tags: database permissions, microsoft sql server, security, server permissions
-
sp_SrvPermissions & sp_DBPermissions V6.0 Finally!
7March 27, 2017 by Kenneth Fisher
It’s been almost 3 years since I updated these SPs! I can’t believe so much time has gone by! Well, …
Continue readingCategory: Dynamic SQL, Microsoft SQL Server, Security, SQLServerPedia Syndication, System Functions and Stored Procedures, T-SQL | Tags: code language, database permissions, dynamic sql, language sql, microsoft sql server, security, server permissions
-
Write-Only permissions
3August 11, 2016 by Kenneth Fisher
Yep, that’s right, you heard me. Write-Only not Read-Only. I was presenting SQL Server Security Basics at NTSSUG the other …
Continue readingCategory: Microsoft SQL Server, Security, SQLServerPedia Syndication | Tags: database permissions, microsoft sql server, security
-
The CONNECT permission
11January 27, 2016 by Kenneth Fisher
The CONNECT permission exists at the instance and database levels. Note: as of SQL 2012 it is CONNECT SQL at …
Continue readingCategory: Microsoft SQL Server, Security, SQLServerPedia Syndication | Tags: database permissions, microsoft sql server, security, server permissions
-
Administrative Logins and Users
3November 2, 2015 by Kenneth Fisher
If you’ve ever worked through an audit you have probably gotten a request that looks a lot like this: Please …
Continue readingCategory: Auditing, Microsoft SQL Server, Security, SQLServerPedia Syndication | Tags: database permissions, microsoft sql server, security, server permissions
-
Zombie AD Groups
4September 21, 2015 by Kenneth Fisher
I spent something like 2 hours today trying to figure out how a particular user had access to one of …
Continue readingCategory: Microsoft SQL Server, Security, SQLServerPedia Syndication | Tags: database permissions, microsoft sql server, security, server permissions
-
Permissions Posters
3July 27, 2015 by Kenneth Fisher
I’ve been doing a lot of research recently for my permissions session and for a project at work. During said …
Continue readingCategory: Documentation, Microsoft SQL Server, Security, SQLServerPedia Syndication | Tags: database permissions, Documentation, microsoft sql server, perm, security, server permissions
SQL Studies 