Microsoft KB Archive/128950

From BetaArchive Wiki

FIX: Permissions Denied on Certain Columns After Revoking One

Q128950


The information in this article applies to:


  • Microsoft SQL Server version 4.2x


BUG# NT: 8693 (4.21a)


SYMPTOMS

If permissions are granted for full UPDATE and/or SELECT privileges to a group, but permissions are revoked for a single column for a user of that group, other columns in the table will be denied to that user.

When permissions for one column are revoked for the user, only the eighth column or greater (in the order they are created in the table definition) will be denied to the user. This behavior is independent on which column was used to revoke permissions.

Tables with eight columns or less do not exhibit the behavior. If permissions are granted and revoked at the group or user level, not mixed, the problem does not occur.



WORKAROUND

  1. Grant or revoke permissions to the entire group or to individual users instead of using a mixed approach.
  2. Create views to restrict access to columns instead of granting or revoking permissions at the column level.



STATUS

Microsoft has confirmed this to be a problem in Microsoft SQL Server version 4.21a. This problem was corrected in SQL Server version 6.0. For more information, contact your primary support provider.

Additional query words: 8 8th Windows NT

Keywords : kbother
Issue type : kbbug
Technology : kbSQLServSearch kbAudDeveloper kbSQLServ420OS2


Last Reviewed: March 24, 2000
© 2001 Microsoft Corporation. All rights reserved. Terms of Use.

Retrieved from ‘https://www.betaarchive.com/wiki/index.php?title=Microsoft_KB_Archive/128950&oldid=62684
the Creative Commons 3.0 ShareAlike (except the Microsoft KB Archive).
Powered by MediaWiki