0

Is there any way to be sure that a table will be modified (INSERT/DELETE/UPDATE) only by stored procedures in SQL Server without touching the permissions?

Improve this question
2
  • 1
    If you want a table only to be modified by a sproc you need to apply permissions to the table. In addition, deny any objects / any users / except for the user that needs to run the sproc as well as the sprocs. Commented Aug 6, 2012 at 14:29
  • You don't need to grant table permissions to the user running the SP. They will have permissions by nature of running the stored procedure Commented Aug 6, 2012 at 14:36

2 Answers 2

Reset to default
2

No. That's what permissions are for.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

1

Unfortunately i don't think there is a way to do it without touching permissions. The only way I know to do this is to

  1. setup a user that can only call SP's (no access to any tables).
  2. in each SP, you'll have to impersonate a user that has full access to the tables using "EXECUTE AS" (http://msdn.microsoft.com/en-us/library/ms188354.aspx)
  3. Applications then use the new user you created in step one to call SP's.
Improve this answer

1 Comment

You don't have to use execute as.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.