Removing Permissions from the public role

From: "BrianK" <briankirk02@xxxxxxxxxxx>
Date: 27 Nov 2006 13:15:49 -0800

I have to allow another application a connection to my database and
only grant them select rights to about 8 tables out of a possible 150
tables in this database. I created a new login and added a new role for
that user and ran some grant scripts to allow them to select from the 8
tables they need to select data from. I see that there is a public role
added by default for all new logins that are created. It seems as if
the public security role is still allowing the new login access to all
of the tables in the database. Rather then have 150 lines of T-SQL to
revoke the select permission from the public role is there an easier
way to do this (NOT THROUGH EM ONLY T-SQL). Below are the scripts that
i used to create the new login:

sp_addlogin 'briank','briank','Northwind'

sp_addrole 'lookup'

sp_grantdbaccess 'briank','briank'

sp_addrolemember 'lookup',briank

GRANT SELECT ON PDF TO briank

GRANT SELECT ON SOCIAL TO briank

Any insight would be appreciated

.

Follow-Ups:
- Re: Removing Permissions from the public role
  - From: Jay B

Prev by Date: Re: SQL Server 2005 on Vista
Next by Date: Re: Removing Permissions from the public role
Previous by thread: Re: SQL Server 2005 on Vista
Next by thread: Re: Removing Permissions from the public role
Index(es):
- Date
- Thread

Relevant Pages

Re: No db access after publishing web site
... GRANT UPDATE TO ... If I detach and attach this database on a different PC (according that PC ... Cannot open database "pago" requested by the login. ... Are you detaching/attaching the SQL Server Express database correctly ...
(microsoft.public.dotnet.framework.aspnet)
Re: Removing Permissions from the public role
... that user and ran some grant scripts to allow them to select from the 8 ... I see that there is a public role ... the public security role is still allowing the new login access to all ... GRANT SELECT ON PDF TO briank ...
(microsoft.public.sqlserver.setup)
Re: Simple SQL Security Question From SQL Newbie
... >exec sp_grantdbaccess 'WIN2K\ASPNET' ... >VS.NET, I can use the server explorer and I can see the database, it's ... >login 'WebCalendar'. ... I also did a GRANT ALL on y2003 TO ASPNET ...
(microsoft.public.sqlserver.security)
Re: Complete Neophyte Question(s)
... No you cannot remove a login from the 'public' role. ... For rights to _use_ objects then the appropriate rights need to be granted ... GRANT SELECT ON dbo.Orders TO OrderViewers ... for a database that is supposed to be secured it is a bad idea ...
(microsoft.public.sqlserver.security)
Re: db_owner role in SQL 2k
... > The owner of a database is a login, which is listed in the sysdatabases ... > table in the master database as the owner of the database. ... and their user name will ALWAYS be DBO. ... > automatically members of the public role. ...
(microsoft.public.sqlserver.programming)