Can anyone explain the security issues with using built-in security roles such as db_writer, db_reader, etc. We have an application that uses these to control access, but one client is complaining that it causes them to fail a security audit. What are the alternatives to using these roles?
Craig Berntson
MCSD, Microsoft .Net MVP, Grape City Community Influencer