Solved

Security issue in SQL: How to hide  System Databases from certain users

Posted on 2010-09-06
5
330 Views
Last Modified: 2012-06-27
I am using SQL server 2008 . For securit reasons, I want  to restrict certain users' access  to a single database so that they can only see the ABCDatabase in Management studio once logged in.

And to achieve that:

1- I have created a new user.

2- Denied View all database rights to that user.

3-Set that user as Owner of ABCDatabase


Now on login that user cannot see other databases but is still able to see the system databases.

How can i hide those system databases from that user?

0
Comment
Question by:davnhm
  • 3
  • 2
5 Comments
 
LVL 142

Expert Comment

by:Guy Hengel [angelIII / a3]
Comment Utility
0
 
LVL 142

Expert Comment

by:Guy Hengel [angelIII / a3]
Comment Utility
>but is still able to see the system databases.
sorry...
but you cannot hide those. they contain the meta-data that the user will need to query anyhow to see permissions etc .
0
 

Author Comment

by:davnhm
Comment Utility
Thanks Angelll, but I am not entirely following you. What I need to do is give the user limited access to one database. I also want to remove any risk of them being able to access further databases. That is why I did not want them to see the system/security databases.

Is it possible to give such access to a single database without compromising security for the rest?
0
 
LVL 142

Accepted Solution

by:
Guy Hengel [angelIII / a3] earned 500 total points
Comment Utility
>That is why I did not want them to see the system/security databases.
you cannot do that.

>Is it possible to give such access to a single database without compromising security for the rest?
seing the system/security db not comprimise anything else, as with limited permissions, the use cannot "do" anything more than seeing eventually that other databases existed: the user won't be able to connect to those databases, given that the login has not been mapped to those other databases, and does not have server role that would allow him to do so anyhow (aka sysadm)
0
 

Author Closing Comment

by:davnhm
Comment Utility
Very helpful.
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

In this article I will describe the Backup & Restore method as one possible migration process and I will add the extra tasks needed for an upgrade when and where is applied so it will cover all.
How to leverage one TLS certificate to encrypt Microsoft SQL traffic and Remote Desktop Services, versus creating multiple tickets for the same server.
Via a live example, show how to extract insert data into a SQL Server database table using the Import/Export option and Bulk Insert.
Viewers will learn how to use the SELECT statement in SQL to return specific rows and columns, with various degrees of sorting and limits in place.

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

7 Experts available now in Live!

Get 1:1 Help Now