Restricting access to stored procedure
Posted on 2011-03-16
Here is the problem (without getting into specifics). An IT support staff runs a SQL query using SQL query analyzer, saves the output to an excel spreadsheet, which is then uploaded into a system. Since the query invovles financial transactions, there is a possibility of manipulating this file prior to upload. One solution I can think of is to create a stored procedure to which the user will have only execute access (and will not be able to view/edit it) and the output will be saved into a folder to which he will not have access. Is this possible? What kind of privileges would have to be granted? Also, if the stored procedure needs to write an excel file on the server, will the user need to use a privileged account?