Friday, March 9, 2012

Query to determine public access

Is there any T-SQL Script or SP that would determine what tables public users have access to? I only ask because I would like to make sure that any users with public rights do not have access to SYSXLOGINS, SYSDATABASES, SYSOBJECTS, SYSCOLUMNS and mswebtasks tables. Thanks
-Kyle

All users are members of the public role by default and out of the box public won't have any explicit permissions assigned to it. So unless you've tampered with these settings, you should be ok.

Remember if you assign explict deny permissions on public this could have unexpected consequences as ALL logins won't have access to those tables.

Id suggest having a user defined database role which you add all users that has the desired permissions.

HTH!

|||Being a DBA in a somewhat large company means that you inherit a lot of the main aspects of the job. Along with that, you can't satisfy auditers with the explanation that out of the box the public user role won't have rights to the tables. Thus, if anybody has a query that would tell the tables that the public user role has that would be fantastic.
Posted by wavylookingcvbu at 8:47 PM
Labels: , , , , , , , , , , , , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)