Reputation: 1
Disable cross-database access
Lets say User1 has access to both Db1 and Db2.
Where the DB1 and Db2 reside in the same SQL Server box.
Now with the following syntax this user can access tables from other database:
SELECT *
FROM [database].[schema].[table]
I have a security requirement that I am working on that should restrict cross-database queries.
The user will have access to both the dbs, it is just that I need a way to restrict executing queries on different servers.
Upvotes: 0
Views: 972
Answers (2)
Reputation: 10098
It is not possible what you ask for.
However, your best bet is to deny select from tables as a general rule, and only allow select from views and executing stored procedures. This way you can control who can do what in which context, and fail gracefully on an attempt to do otherwise.
Upvotes: 0
Reputation: 9149
You cannot restrict cross database queries for users that have the appropriate permissions in all involved databases.
Upvotes: 1
Related Questions
- Prevent database access outside the application
- How to disable access to an attached project database
- How to block access to databases except those permitted to access SQL Server
- how to restrict sql database to be opened in other servers?
- Cross Database Security
- Block access to database
- Prevent Microsoft Access 2010 from connecting to Database
- allow Access Database to talk to SQL Server database with restrictions
- how can I prevent dbo login from access my database?
- SqlCommand - preventing stored proc call in other databases