tags:

views:

184

answers:

5
+2  Q: 

Is there a way to make transactions or connections read only in SQL Server?

I need a quick "no" for DELETE/UPDATE/INSERT, since 3p reporting tool allows users to write their own SQL.

I know that I should probably add a new user and set permissions on tables/sp/views/etc..., and then create a new connection as restricted user.

Is there a quicker way to force a transaction or connection in SQL Server to read only mode?

+1  A: 

Change the permissions for the user (the one used in the connection string) on the SQL Server.

kern  2009-02-11 11:09:46
I know that. But I need read only restriction only while working with reports.
dmajkic  2009-02-11 11:12:54
@dmajik: So use multiple users and switch between them as appropriate.
John Sansom  2009-02-11 11:22:56
@dmajkic, WHY only with reports? What's the reasoning behind that?
paxdiablo  2009-02-11 11:27:26
@kem: All other SQL is under applicatin control. This is the only place that user can execute unknown sql. Wouldn't it be great if you could just clone connection, set it to be read-only and then allow to go reporting?
dmajkic  2009-02-11 12:11:33
+3  A: 

I don't know. If the 3P tool is that crazy, I would be completely paranoid about what I exposed to it. I think that setting up a new user is the best thing. Maybe even just giving them certian views and/or stored procs and calling it a day.

Charles Graham  2009-02-11 11:10:37
+2  A: 

Why are you worried about your users' ability to put arbitrary SQL in their reporting queries? If they have the rights to change data in your database, surely they can just connect to it with any ODBC client and execute the SQL directly.

I'm not sure it's 3P that's the issue here, it sounds more like you need to restrict your users but haven't.

If you have a class of users who shouldn't be allowed to change your data, then set their accounts up that way. Relying on the fact that they'll only use a reporting tool that doesn't let them change data is a security hole I could drive a truck through.

If they are allowed to change the data, restricting sessions from 3P won't help secure your system.

Unless I've misunderstood your set-up. I've been wrong before, just ask my wife. In which case, feel free to educate me.

paxdiablo  2009-02-11 11:26:29
I have a user group that has the rights to create reports, via that 3p supplied designer. Other users can't access report designer. I realize that there is no defence against user with admin rights. But the idea of putting DELETE in report's SQL is a truck drive-in, and these are easier to spot.
dmajkic  2009-02-11 12:03:12
That still doesn't explain why you don't just lock down the users that don't need to change data. Until that's done, 3p is just one attack vector; even if you don't think your users will find another, my opinion is that it's negligent (possibly in a very real and legal sense) to keep this hole open.
paxdiablo  2009-02-11 12:49:27
A: 

If you have control when the connection is created and closed the you could perform a BEGIN TRAN and then do a ROLLBACK at the end. That way anything this reporting tool does will be rolled back at the end. However, if it has the ability to manage these transactions or new connections, or if the user base is unknown and potentially malicious then it is not foolproof. In addition, any large transaction may result in your database being locked by your users actions

I have to say though, the real answer is security is allocated to users. The "quicker" way you're after is a new user with just read only permissions.

Robin Day  2009-02-11 11:42:47
+1  A: 

Does it have to be with named users ? I have a "report" user and a "browser" user that just has select rights on most tables. Anyone that needs data uses those accounts and since they are select only I don't have to worry about them.

See Kern's link.

jim  2009-02-11 12:03:38
I looks like that's the way to go. Do you use sql auth or windows or both? Anything to notice?
dmajkic  2009-02-11 12:15:20
Use Windows auth if possible, SQL auth only if you're connecting between 2 untrusted domains. Least chance for password exposure.
devstuff  2009-02-11 12:26:19
I agree with devstuff
jim  2009-02-11 16:05:52

related questions

Sql to query a dbs scheme
Transform Columns into Rows
SQL Client for Mac OS X that works with MS SQL Server
How do you get leading wildcard full-text searches to work in SQL Server?
SQL Server 2000: Is there a way to tell when a record was last modified?
What's the BEST way to remove the time portion of a datetime value (SQL Server)
I need to know how much disk space a table is using in SQL Server
What's the best way to determine if a temporary table exists in SQL Server?
Appropriate pagefile size for SQL Server
Have you ever encountered a query that SQL Server could not execute because it referenced too many tables?
ASP.NET MVC "CRUD" Database Sample
How do I unit test persistence?
Best Book for a new Database Developer
Can I logically reorder columns in a table?
Best way to copy a database in SQL Server 2005/8?
Is Windows Server 2008 "Server Core" appropriate for a SQL Server instance?
Why doesn't SQL Full Text Indexing return results for words containing #?
Client collation and SQL Server 2005
Editing database records by multiple users
Deploying SQL Server Databases from Test to Live
SQL Server 2005 implementation of MySQL REPLACE INTO?
Upgrading SQL Server 6.5
How do I version my MS SQL database in SVN?
How to export data from SQL Server 2005 to MySQL
Check for changes to a SQL table?