Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

SQL Server hiding information_schema and sys views

Posted on 2009-07-15
1
Medium Priority
?
699 Views
Last Modified: 2012-08-13
I have a user that is only assigned to the db role db_datareader and public. The user can see all the information_schema and sys views. As a test, I tried creating a separate role that denies view definition to the sys schema and removing the user from the db_datareader role, but the user can still see the views.

Any suggestions on how to deny view definition of the information_schema and sys views for a database?

The reason why I want to do this is because users do not want to see these extra views in their client applications when they are selecting user views/tables.

There does not seem to be a clear answer for this anywhere.
0
Comment
Question by:incidental74
1 Comment
 
LVL 57

Accepted Solution

by:
Raja Jegan R earned 1500 total points
ID: 24865651
>> Any suggestions on how to deny view definition of the information_schema and sys views for a database?

No.. You cant deny usage of Information_schema and sys views to users.

The purpose of information_schema and sys views is to display records for those specific user only. It will display records for which the current user has access.

Hence if the user dont have access to an object, it will not display those records.
Since you added the user as part of datareader role, it will have select privileges on all tables and views and hence it will be visible in Information_schema and sys views.

You better need to REVOKE those objects to this user for the list of objects you wish.
That would help you in restricting the user to those objects.

Hope this clarifies.
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

INTRODUCTION: While tying your database objects into builds and your enterprise source control system takes a third-party product (like Visual Studio Database Edition or Red-Gate's SQL Source Control), you can achieve some protection using a sing…
SQL Server engine let you use a Windows account or a SQL Server account to connect to a SQL Server instance. This can be configured immediatly during the SQL Server installation or after in the Server Authentication section in the Server properties …
We’ve all felt that sense of false security before—locking down external access to a database or component and feeling like we’ve done all we need to do to secure company data. But that feeling is fleeting. Attacks these days can happen in many w…
Screencast - Getting to Know the Pipeline

824 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question