In SQL 2008, which right allows a user to assign himself another right?

security sqlbulkcopy sql-server sql-server-2008

Question

I must authorize adb_datawriter before to executionSqlBulkCopy then take it away:

try
{
   "EXEC [db_mod].[sys].[sp_addrolemember] N'db_datawriter', N'my_user'" // via SqlCommand
   bulk.WriteToServer(table);
}
finally
{
   "EXEC [db_mod].[sys].[sp_droprolemember] N'db_datawriter', N'my_user'" // via another SqlCommand
}

but I'm experiencing a problem:

User does not have permission to perform this action.

How can I correct that?

1
0
10/26/2009 10:34:08 AM

Popular Answer

The MSDN sp_addrolemember section explains what privileges are required.

  • membership in the fixed database role db owner.
  • membership in the fixed database role db securityadmin.
  • belonging to the role that owns it.
  • CHANGE the role's authorization to

In reality, you would need the db securityadmin position.

Why then not just maintain INSERT/UPDATE privileges through GRANT? If you have enough privilege now, you don't need to extend yourself any additional rights.

1
10/27/2009 7:43:21 PM


Related Questions





Licensed under: CC-BY-SA with attribution
Not affiliated with Stack Overflow
Licensed under: CC-BY-SA with attribution
Not affiliated with Stack Overflow