Does a query thats executed as a dynamic SQL run under a different security
context other than the caller ?
No, that will be possible in sql 2005.
HTH, Jens Suessmeyer.
"Hassan" <fatima_ja@.hotmail.com> schrieb im Newsbeitrag
news:OhZ6a11SFHA.3140@.TK2MSFTNGP14.phx.gbl...
> Does a query thats executed as a dynamic SQL run under a different
> security
> context other than the caller ?
>
|||Hassan wrote:
> Does a query thats executed as a dynamic SQL run under a different
> security context other than the caller ?
No. Same security context. But the caller must have rights to the
underlying objects. If, for example, you execute a dynamic SQL command
from a stored procedure that updates the Customer table, the caller must
have update rights on the Customer table. Simply granting execute rights
to the proc is not enough.
David Gugick
Imceda Software
www.imceda.com
|||Depend. When you execute a stored procedure, the sp is executed under the
security context of the sp owner (first sql server check if the caller has
right to execute the sp), but if this sp use dynamic sql, then the batch
being executed using EXEC() or sp_executesql is executed under the security
context of the caller.
AMB
"Hassan" wrote:
> Does a query thats executed as a dynamic SQL run under a different security
> context other than the caller ?
>
>
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment