Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.
One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.
Security issue in SQL: How to hide System Databases from certain users
I am using SQL server 2008 . For securit reasons, I want to restrict certain users' access to a single database so that they can only see the ABCDatabase in Management studio once logged in.
And to achieve that:
1- I have created a new user.
2- Denied View all database rights to that user.
3-Set that user as Owner of ABCDatabase
Now on login that user cannot see other databases but is still able to see the system databases.
How can i hide those system databases from that user?
And to achieve that:
1- I have created a new user.
2- Denied View all database rights to that user.
3-Set that user as Owner of ABCDatabase
Now on login that user cannot see other databases but is still able to see the system databases.
How can i hide those system databases from that user?
Asked:
3-
2
1 Solution
>but is still able to see the system databases.
sorry...
but you cannot hide those. they contain the meta-data that the user will need to query anyhow to see permissions etc .
sorry...
but you cannot hide those. they contain the meta-data that the user will need to query anyhow to see permissions etc .
Thanks Angelll, but I am not entirely following you. What I need to do is give the user limited access to one database. I also want to remove any risk of them being able to access further databases. That is why I did not want them to see the system/security databases.
Is it possible to give such access to a single database without compromising security for the rest?
Is it possible to give such access to a single database without compromising security for the rest?
>That is why I did not want them to see the system/security databases.
you cannot do that.
>Is it possible to give such access to a single database without compromising security for the rest?
seing the system/security db not comprimise anything else, as with limited permissions, the use cannot "do" anything more than seeing eventually that other databases existed: the user won't be able to connect to those databases, given that the login has not been mapped to those other databases, and does not have server role that would allow him to do so anyhow (aka sysadm)
you cannot do that.
>Is it possible to give such access to a single database without compromising security for the rest?
seing the system/security db not comprimise anything else, as with limited permissions, the use cannot "do" anything more than seeing eventually that other databases existed: the user won't be able to connect to those databases, given that the login has not been mapped to those other databases, and does not have server role that would allow him to do so anyhow (aka sysadm)
Question has a verified solution.
Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.
Have a better answer? Share it in a comment.
Join & Write a Comment Already a member? Login.
Featured Post
Tackle projects and never again get stuck behind a technical roadblock.
Join Now
http://www.sql-server-performance.com/faq/unauthorised_user_ssms_p1.aspx