What is the minimum SQL security needed for a MS SQL 2005 database?
I've setup a database instance and have added a database. The software that I wrote interfaces the database and adds/updates/removes table data but does not change the database structure. My concern is that I want to make sure that I'm not giving the user too much access in case they connect with a SQL database manager/etc.
In server roles I've assigned "public" to the user and
In User Mapping I've assigned "db_owner" and "public"
Also, something to consider is that I'm going to have a lot of users being added/removed, so if there's a better way to manage this process please let me know.