24 April,2015 by Tom Collins
Question: I get this error message when executing a database function.
The EXECUTE permission was denied on the object ‘cccccccccc’ , database
xxx
Answer:
1) Avoid GRANT EXECUTE to public , such as
GRANT Execute on [dbo].your_object to [public]
Read more on Security audit for SQL public role
2) Avoid giving individual object level permissions . Most internal or external security audits will report on object level permissions as a security weaknkess. Read How to create a SQL Server Security Audit
3) Good solution is to use a database role and grant EXECUTE to the role.
CREATE ROLE db_executor GRANT EXECUTE TO db_executor
For other best practises read the SQL Server security polcy document
This is only a preview. Your comment has not yet been posted.
As a final step before posting your comment, enter the letters and numbers you see in the image below. This prevents automated programs from posting comments.
Having trouble reading this image? View an alternate.
Posted by: |