Please start any new threads on our new
site at https://forums.sqlteam.com. We've got lots of great SQL Server
experts to answer whatever question you can come up with.
| Author |
Topic |
|
pawan
Starting Member
7 Posts |
 Posted - 2004-12-22 : 07:08:21
|
| i am using VB as front-end and mssql as database server 7.0i want to specify app. rules ie. a user can delete / perform some internal task only through this application but user cannot do so through query analyser or any other utility.(i dont want to grant/revoke rights to user on runtime, it may be a security flaw ).is it possible if not then please tell me some alternate way to do this like 'su' command in unix by which u get admin rights for current session for a while. please mail me at pawandeep@rediffmail.com |
|
|
Bustaz Kool
Master Smack Fu Yak Hacker
1834 Posts |
Posted - 2004-12-22 : 09:47:57
|
| Refer to Application Roles in BOL.Remember though that security is handled by the SQL Server. There is nothing your application can do to prevent SQL Server from allowing others to access your tables and other objects.HTH=================================================================Sometimes I wonder whether the world is being run by smart people who are putting us on or by imbeciles who really mean it. -Mark Twain, author and humorist (1835-1910) |
 |
|
|
jsmith8858
Dr. Cross Join
7423 Posts |
Posted - 2004-12-22 : 10:19:25
|
| you don't have to use the user's credentials to access the sql server; your app can use any account you want to communicate with the database. As far the users are concerned, they might never ever have an account or know a username/password that will let them view or edit ANY data from the sql server directly.- Jeff |
|
|
|
|
|
|
Application Rules