SQL Server user account in the security database, you can control the user's permission - Code World

SQL Server user account in the security database, you can control the user's permission

Others 2019-07-10 21:55:01 views: null

Today, the company SQL Server database, found a SQL Server user account "DemoUser":

"DemoUser" sysadmin role not in the database server:

"DemoUser" made in the database "TestDB" the user mapping, the mapping database account, also known as "DemoUser", the default SCHEMA is "dbo":

"DemoUser" does not own any SCHEMA in the database "TestDB":

"DemoUser" no db_owner permissions in the database "TestDB":

But the strange thing is, "DemoUser" to connect to the database "TestDB", was able to execute a stored procedure under the src SCHEMA "[src] [SP_ShowUsers].":

This is very strange, why SQL Server account "DemoUser" is not a database server administrator (sysadmin), there is no database "TestDB" the db_owner permission, nor has the src SCHEMA, but can be successfully executed " EXEC [src]. [SP_ShowUsers] ", the stored procedure?

Later I found out that "DemoUser" own database "TestDB" The EXECUTE permission:

We can see that by default, this window above screenshot, left Securables option after opening the right of the list is empty, we might consider "DemoUser" no permissions database "TestDB", ah?

In actual fact, we click on the Search button in the upper right corner:

Then select All objects of the types:

Then hook on Databases:

Then we will find that the window list, there have been privileged user "DemoUser" has in the database "TestDB", which in the window below the Explicit tab, we can see the "DemoUser" own database "TestDB" the EXECUTE permissions:

The following window Effective Permissions tab also lists "DemoUser" have, among them the EXECUTE permission:

The database "TestDB" the EXECUTE privileges, you can also give users "DemoUser" with the following SQL statement:

USE [TestDB]
GRANT EXECUTE TO [DemoUser]

As long as the account has a SQL Server database EXECUTE permission, then the account can execute a stored procedure on the corresponding database, which is why this article SQL Server account "DemoUser" can perform the cause of stored procedures in the database "TestDB".

So many factors affect the behavior of a SQL Server account, and the account has permission to the SQL Server database is one very important factor.

Guess you like

Origin www.cnblogs.com/OpenCoder/p/11165754.html

SQL Server user account in the security database, you can control the user's permission

Switch the user account security control of lifting weights (II)

Database - How to create a SQL Server user authentication

Bind the user and login name of the sql server database

mysql user authentication and permission control

RabbitMQ user roles and permission control

mysql database user permission settings

Linux_User account permission setting tutorial!

[Permission] By adjusting the O7_DICTIONARY_ACCESSIBILITY parameter, the SYS user can log in to the database as a normal user

PostgreSQL database server's user authentication database

SQL Server database startup process (user database loading process difficult cases) you do not know SQL Server database startup process, and start the analysis of the problems and solving skills are not up

SQL Server database startup process, and analyze problems and solutions do not start up the skills you do not know SQL Server database startup process (gotcha user database loading process)

An article takes you to get Spring Security to store user data in the database

SQL Server database creation account

SQL server creates a user and authorizes a specific table to access the database

SQL server creates a new user and grants permissions to a certain database

WeChat official account of ultra-detailed erlang server passively parses user messages (plaintext mode & security mode)

Linux-account security, su switch user, PAM authentication module, sudo privilege escalation, switch machine security control

SQL Server error when creating user: 15023 User, group or role 'XXX' already exists in the current database?

SQL Server error: "the user has selected an object, so that the user can not be removed."

Linux--Account and permission management--User account and group account--Directory and file permissions and ownership

[Database] SQL Server security settings

[SQL Server] You can remotely connect to the SQL Server database without a public network IP

Apache's security permission control for directories and addresses

To solve the SQL Server administrator account without permission issues

Remove the user object SQL database

Linux system knowledge 4—Linux root user, su and exit commands, sudo command, user and user group management, getent, view permission control, modify permission control -chmod, modify permission control -chown

mysql create user (modify user access database permission, access permission by external IP)

SQL Server user authorization and recycling

Database PostrageSQL-PostgreSQL user account to create a database cluster

Recommended

The number of MaxKB GitHub Stars, an open source knowledge base question and answer system based on large language models, exceeded 5,000!

Ranking

Getting the basic concepts of ROS + catkin Profile

Spring Learning (2) --- Assembling Beans in the IoC Container

js to get the src attribute of the image regularly

STM32 is based on CubeIDE and HAL library basics entry study notes: Bluetooth WIFI STM32 connects to Alibaba Cloud

Short video learning - 3, pandas simple use of pivot_table

Print directory of project configuration log, output log

Understand the difference between vi and vim in Linux in 3 minutes

1 + x certificate Web front-end development HTML5 special exercises

mangodb save and insert the difference

7-1 Family tree processing (50 points) (binary tree solution)

Daily

More

2024-05-13(8)

2024-05-12(28)

2024-05-11(32)

2024-05-10(34)

2024-05-09(32)

2024-05-08(18)

2024-05-07(34)

2024-05-06(6)

2024-05-05(0)

2024-05-04(18)