Re: Security bug report?
- From: "Mary Chipman [MSFT]" <mchip@xxxxxxxxxxxxxxxxxxxx>
- Date: Tue, 03 Mar 2009 11:33:11 -0500
If I understand you correctly, you are complaining about the fact that
Access can read the schema of the underlying view/table even though
you have revoked permissions to the data. The reason for this is that
Access must be able to read the metadata in order to pass the
appropriate SQL statements through ODBC to T-SQL in order for the
server to execute them. If this is unacceptable, you will need to
create parameterized stored procedures and execute them using
pass-through queries and/or ADO code, which is a lot more work. To
understand the problem more fully, create a Profiler trace and examine
the statements Access passes to the server for execution. HTH,
--Mary
On Tue, 3 Mar 2009 01:32:01 -0800, Belu33fr
<Belu33fr@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote:
Hi,.
My issue is on the view with View_metadata. Access 2003, Sql 2000 and 2005.
Lasted SP.
Because I had some problems of read only with this type of view (only in
Access), I were looking for a solution. I founded that this type of view must
have all primary key of each table selected and the view could be a delete,
read, insert and update view. I were surprise of this because it was only in
Access.
Becaue of this, it was a possible whole of security and I decide to make
some tests.
I made a database with 3 tables. I made a view with 2 tables and with
VIEW_METADATA. I created all triggers on this view. I try it. All is fine. I
made an user without access on table but grant access on the view (except
DRI). I try it on the database. This user can not view and access directly to
the table. The only possible thing is use the view. It's fine, he can create,
modify and delete data in the database. The security is ok, the user can not
see the real database and the scheme of it.
Unfortunately, I open the view in design mode ... and surprise: I can read
all about the query, see the definitions of the tables. Of course I can not
modify the query but I can see ALL. I thought that something was wrong in
security access. Nothing directly, member of public standard group (we can
not exclude somebody from this group), nothing special in the public group
security.
Question: How msaccess can read this scheme because it has nothing granted
execpt the use of this view? Now, I stop because I dont want say more how use
this question.
Why I did not tell this directly to MS and post on this forum? Because, two
times that I told to MS the security problems (1 for Vista and another for
XP), they answered: First, you did not use a special code to do this and you
are connected to the attacked network, we can not say that it is serious.
Second, because it is by design, we can not consider that it is a security
bug from coding! For all this reason, we can not study this cases.
Yes, I agree with them: a secutity design not allowed access is not a bug of
security !!! LOL
- Follow-Ups:
- Re: Security bug report?
- From: Belu33fr
- Re: Security bug report?
- References:
- Security bug report?
- From: Belu33fr
- Security bug report?
- Prev by Date: RE: Access 2003 - Security bug report?
- Next by Date: Re: Security bug report?
- Previous by thread: Security bug report?
- Next by thread: Re: Security bug report?
- Index(es):
Relevant Pages
|
Loading
