> Referring to Scot's response -- I don't see DBO as being a bad thing, of
> course I also don't let the users know what their SQL Server login id's
> are!! Keeps 'em out of the back-end without going through my app.
That is a good suggestion if you are on a closed system. If
this is the case, I would recommend this as well. However, if you are
not, aliasing can lead to some potential problems. Permissions can be
by-passed and etc. At my shop, we allow our users to access the
backend via other applications (mainly as ad-hoc GUI query tools and
frequently as read only (s)) as well, so this may not work
considering you can fire any TSQL command from something like VFP.
I've found the most dangerous users are the ones who think they know
what they are doing and want to correct "problems" they find (bg).
Scot.
Précédent
Répondre
Voir le fil de ce thread
Voir le fil de ce thread à partir de ce message seulement
Voir tous les messages de ce thread
Voir tous les messages de ce thread à partir de ce message seulement