Subject Re: Stored procedures
Author Alexander V.Nevsky
--- In, "Antonin Karasek"
<lists@c...> wrote:
> Hello everybody,
> is it possible to deny users to execute stored procedures including
it's own
> procedures?
> I own an webhosting server and don't want allow users to execute any
> code...

Antonin, you can revoke privileges to execute existing SP from any
user except it's creator. In fact, you can revoke this from creator
too, not via SQL security control statements but changing owner of
procedure in system tables. I recall there are some danger on this way
but can't recall exactly which. Thomas Steinmaurer released recently
tool for owner changing, I believe he made all correctly. You can't
deny creation of SPs from users. But what wrong can user made if he
created SP not having rights on affected by it tables etc? Nor he,
neither SP itself can't make any harm (except DoS attack like overload
of server, what can be done using plain SQL)?

Best regards,