In my environment I have found many App users ( groups ) with DB Owner
Database role.
Is this required ?No it certainly isn't necessary and typically not a good idea. DB
Owner can do pretty much whatever they want in the database. You would
want application users to have the minimum needed to use the
application which typically wouldn't require having all permissions in
a database.
If it's required by the application itself based upon how that is set
up or configured with the security, that's a different issue and more
related to the application design and security setup. But in general,
not required.
-Sue
On Thu, 21 Oct 2004 08:07:03 -0700, "Dave"
<Dave@.discussions.microsoft.com> wrote:
>In my environment I have found many App users ( groups ) with DB Owner
>Database role.
>Is this required ?
>|||What permissions we can give to App Users from Database ?
What is the easiest way to do that ?
"Sue Hoegemeier" wrote:
> No it certainly isn't necessary and typically not a good idea. DB
> Owner can do pretty much whatever they want in the database. You would
> want application users to have the minimum needed to use the
> application which typically wouldn't require having all permissions in
> a database.
> If it's required by the application itself based upon how that is set
> up or configured with the security, that's a different issue and more
> related to the application design and security setup. But in general,
> not required.
> -Sue
> On Thu, 21 Oct 2004 08:07:03 -0700, "Dave"
> <Dave@.discussions.microsoft.com> wrote:
>
>|||Sorry but I can't tell you as I don't know what your application does
or how the security is setup, what you need the users to do. That's
going to end up being something you asses based on business needs and
the application itself. Setting up security correctly is not
necessarily a quick and easy thing to do - it takes some thought as
well as understanding of the application. I don't think you can
correct the issue by just changing a few things. You'll need to look
at the application, what SQL statements are being executed by what
users, etc.
-Sue
On Fri, 22 Oct 2004 11:09:02 -0700, "Dave"
<Dave@.discussions.microsoft.com> wrote:
[vbcol=seagreen]
>What permissions we can give to App Users from Database ?
>What is the easiest way to do that ?
>"Sue Hoegemeier" wrote:
>
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment