Reputation: 3712
Grant Permission stored procedures
I have a database with some stored procedures.
My question is: Is there a problem to do this:
GRANT EXECUTE ON [dbo].[StoredProcedureXPTO] TO [Public]
i.e. grant permission of execution to public?? Or is thar a security issue?
Upvotes: 1
Views: 5571
Answers (4)
Reputation: 34909
I like to avoid giving any permissions on public, because you can't add a user to the database that isn't in the public role. So essentially you are limiting the flexibility of your security by not giving yourself a way to lock any database user out of that stored procedure (other than changing the stored proc permissions later).
Upvotes: 1
Reputation: 12016
The answer entirely depends on what your Stored Procedure does and whether you want every man and his dog to have access to it.
In my experience, it would be unusual since I provide quite narrowly scoped users and roles for my applications.
But your question makes me wonder if there is another issue behind your question. Why do you ask?
Upvotes: 1
Reputation: 2044
Obviously depends on what the stored procedure does and whether you want "public" to be able to do that.
Upvotes: 2
Reputation: 74270
There is no problem if that's what you want. If you want to restrict access to the stored procedure then this is not the way to go.
Upvotes: 5
Related Questions
- Grant role to exec stored procedures
- GRANT EXECUTE to all stored procedures
- Create Procedure Permission ONLY
- Granting a permission of a stored procedure to a user
- How to GRANT SELECT permission to all procedures
- stored procedure permissions and execute
- Grant only stored procedure rights for a user
- SQL Server stored procedures and permissions
- mssql Stored Procedure permissions problem
- Specific rights to GRANT, REVOKE or DENY on stored procedures