Is it logical to change SQL permissions from 3rd party app?

Expand Post »

Hi,
recently i needed to query a table , however i was denied "Select " permissions (because permissions had not yet been exported as the db was).
Should my application enable for administrator to grant permissions , if that error occurs OR should permission granting be done through MS SQL server only?
(is it unnecessary,security risk or good practice?)

-Thanks

Similar Threads

Error Handling 3rd party software in VB.NET
500 Server Error running 3rd party jar files in ColdFusion
How do I get msi net installer to register 3rd party ocx in VB.NET
Have novell authenticate using 3rd party ldap in Networking
Favorite 3rd party software with MySQL in MySQL

stoymigo

Reputation Points: 8

Solved Threads: 2

Junior Poster in Training

Offline

52 posts
since Aug 2008

Permalink

Sep 21st, 2009

Re: Is it logical to change SQL permissions from 3rd party app?

It depends. If your application installs the SQL Server instance and maintains it then you can do what you need to ensure the application functions.

If you allow users to use any network instance of SQL then you're best off not to automate any security modifications as you risk pissing off a DBA.

I have both cases -- In the case where my app installs the DB I require the app to run with dbo permissions so it can adjust the database accordingly -- both schema and permissions.

In the case where I don't install the DB I don't make any changes, I just flash informative error messages with what they need to do to fix the problem.

sknake

Featured Poster

Reputation Points: 1749

Solved Threads: 735

Senior Poster

Offline

3,948 posts
since Feb 2009

This thread is solved

Either the thread starter or a moderator has marked this thread as solved. You can most likely trust the responses and answers given. There is most likely no reason for any further responses to be posted here. If you have a related question, please start a new thread in this forum instead.

This thread is more than three months old

No one has posted to this discussion for at least three months. Please let old threads die and do not reply to them unless you feel you have something new and valuable to contribute that absolutely must be added to make the discussion complete. Otherwise, please start a new thread in this forum instead.

Previous Thread in MS SQL Forum Timeline: Putting OPTIONAL condition in where clause for select statement

Next Thread in MS SQL Forum Timeline: Interesting Unique Id generation Problem

DaniWeb Message

Cancel Changes

User Name
Password