SQL Server column level security

Posted by user46372 on Stack Overflow See other posts from Stack Overflow or by user46372
Published on 2012-09-29T15:09:06Z Indexed on 2012/09/29 15:37 UTC
Read the original article Hit count: 139

Filed under:

sql-server

|

sql-server-2008

I think I need some pointers on security in SQL Server. I'm trying to restrict some of our end users from getting access to certain columns (i.e. SSN) on a table.

I thought I could just use column level security to restrict access to the columns. That successfully prevented users from accessing the table directly, but I was surprised that they could still get to those columns through a view that accessed that table.

I followed the tips here: http://www.mssqltips.com/sqlservertip/2124/filtering-sql-server-columns-using-column-level-permissions/ Those were very helpful, but when I created a view at the end, the intern was able to access that column by default

I've read that views are the best way to accomplish this, but I really don't want to go through and change all of the views and the legacy front-end application. I would rather just restrict it once on the table and if a view tries to access that column it would just fail.

Is that possible or am I misunderstanding how security works in SQL Server?

© Stack Overflow or respective owner

Related posts about sql-server

SQL SERVER – Beginning SQL Server: One Step at a Time – SQL Server Magazine

as seen on SQL Authority - Search for 'SQL Authority'
I am glad to announce that along with SQLAuthority.com, I will be blogging on the prominent site of SQL Server Magazine. My very first blog post there is already live; read here: Beginning SQL Server: One Step at a Time. My association with SQL Server Magazine has been quite long, I have written nearly… >>> More
How to install SQL Server 2005 Configuration Manager without installing SQL Server Management Studio

as seen on Server Fault - Search for 'Server Fault'
Hi, I need to configure SQL Server aliases on a public-facing production server. To do that, I need to install SQL Server Configuration Manager. I was not able to find a standalone installer for that, so I am having to install SQL Server 2005 Client Components. This approach is not ideal as we don't… >>> More
[MAJ] SQL Server 2005 Express Edition - La version gratuite de SQL Server 2005

as seen on ASP-PHP.net - Search for 'ASP-PHP.net'
Modification technique pour le site de l'article. >>> More
How to create SQL Server Express DB from SQL Server DB

as seen on Stack Overflow - Search for 'Stack Overflow'
I have a SQL Server 2008 DB. I want to extract SOME tables (and associated schema, constraints, indexes, etc) and create a SQL Server Express DB. It isn't a sync of the target, we stomp on it. We ONLY need to do this in the file system (not across the wire). We are not fond of the synchronization… >>> More
sql server 2000 error, error trying to connect to sql server 2005

as seen on Stack Overflow - Search for 'Stack Overflow'
i am connecting to sql server 2000 on a remote computer with a dotnet application, but when i try to open the connection it gives the following error: When connecting to SQL Server 2005, this failure may be caused by the fact that under the default settings SQL Server does not allow remote connections What… >>> More

Related posts about sql-server-2008

Cumulative Update packages for SQL Server 2008 R2 RTM & SQL Server 2008 SP1

as seen on SQL Blogcasts - Search for 'SQL Blogcasts'
Here is the news on Cumulative Update release news on SQL Server 2008 R2 RTM & SQL Server 2008 Service Pack 1. First let us go through SQL Server 2008 R2 RTM cumulative update, release consist the only hotfixes that were released in Cumulative Update 5, 6, & 7 for SQL Server 2008 SP1. Cumulative… >>> More
SQL Server 2008 Vs Sql Server 2008 R2 in web-development

as seen on Stack Overflow - Search for 'Stack Overflow'
This will give many opportunities in Web-development transition from Sql Server 2008 to Sql Server 2008 R2: 1.If database in one instance of SQL Server. 2.a) if in the server PC have 1 processor b) if in the server PC have 4 processors >>> More
SQL Server 2008 to SQL Server 2008

as seen on Stack Overflow - Search for 'Stack Overflow'
I have an MDF and LDF file of SQL Server 2005. i attached it with SQL Server 2008 and did some change in data. now when i attached it back to sql server 2005 Express Edition it gives version error. The database 'E:\DB\JOBPERS.MDF' cannot be opened because it is version 655. This server supports version… >>> More
SharePoint 2010 – SQL Server has an unsupported version 10.0.2531.0

as seen on ASP.net Weblogs - Search for 'ASP.net Weblogs'
I am trying to perform a database attach upgrade to SharePoint Foundation 2010. At this point I am trying to attach the content database to a Web application by using Windows Powershell: Mount-SPContentDatabase -Name <DatabaseName> -DatabaseServer <ServerName> -WebApplication <URL>… >>> More
Uninstalling Reporting Server 2008 on Windows Server 2008

as seen on SQL Blog - Search for 'SQL Blog'
Ha. I had quite disputable pleasure of installing and reinstalling and reinstalling and reinstalling – I think about 5 times before it worked – Reporting Server 2008 on Windows Server with the same year number in name. During my struggle I came across an error which seems to be not quite unfamiliar… >>> More