In SQL Server 2005, more permissions can be given both in the instance and in the database level than in previous releases. Also, permissions can now be inherited -- for example, permissions given to a schema are inherited by the schema's objects.
Here are examples of new permissions:
-- Grant CONTROL permission on
AdventureWorks user Michelle
-- to user Joseph
-- now the user Joseph can grant permissions
on the user
GRANT CONTROL ON USER::Michelle TO Joseph;
ALTER ANY DATABASE DDL TRIGGER
ALTER ANY SCHEMA
ALTER ANY ROLE
-- Grants IMPERSONATE permission on user
-- AdventureWorks application role
-- The role Accountants can now impersonate
GRANT IMPERSONATE ON USER::Michelle TO
For example:-- Grant role "public" to view any object
-- in the instance level:
GRANT VIEW ANY DEFINITION TO public
-- Grant role "public" to view any object
-- in the database level:
GRANT VIEW DEFINITION TO public
-- Grant VIEW DEFINITION permission on
-- role Accountants together with GRANT
OPTION to database
-- user Michelle (now user Michelle can view
the definition of the Accountants role and
grant it permissions):
GRANT VIEW DEFINITION ON ROLE::Accountants
TO Michelle WITH GRANT OPTION;
This tip is excerpted from New security model in SQL Server 2005.
Security at the server level is typically the responsibility of the DBA or developer, rather than an organizational initiative. With this in mind, Microsoft added a number of security features to SQL Server 2005 intended to make it an easier task.
The new security model in SQL Server 2005 defines two main security objects – principles and securables. In this edition of SQL Server Insider, expert Michelle Gutzait reviews the new security model in SQL Server 2005 and argues the importance of defined security standards and ways they should be applied, managed and controlled. Read this ezine from SearchSQLServer.com to get SQL Server security information about:
• Security configurations for SQL Server
• Surface area configurations
• Data encryption
• The strength of the new schema model and more!
|ABOUT THE AUTHOR:|
| Michelle Gutzait works as a senior database consultant for ITERGY International Inc., an IT consulting firm specializing in the design, implementation, security and support of Microsoft products in the enterprise. Gutzait has been involved in IT for 20 years as a developer, business analyst and database consultant. For the last 10 years, she has worked exclusively with SQL Server. Her skills include SQL Server infrastructure design, database design, performance tuning, security, high availability, VLDBs, replication, T-SQL/packages coding, and more.
Copyright 2007 TechTarget