sql server - how to override 'public' privileges -
as there databases on server available public role, how can close access database sqlserver login directly? login not using database has access under public privileges. need keep access public deny user.
a deny take precedence on grant. in order able deny permission, need principal apply deny to. therefore sequence of actions is:
- create user login in database (so have principal)
- explicitly deny permission user created above
note that, rule, cannot deny permissions on securable owner of securable. members of sysadmin mapped dbo, hence cannot denied permission.
Comments
Post a Comment