How to prevent the use of "SELECT *"


One good tip for writing good SQL code is to always select the columns you need and never just select everything. Well here is a description on how to actually prevent SELECT * queries (you need to complete a free registration to see the article). The basic idea is to add a dummy column to all your tables and then limit the access to this column using DENY SELECT ON OBJECT for that column. Personally I think this is maybe taking it a little bit too far but desperate times calls for desperate measures, right…

Comments (1)

  1. Justin says:

    On higher security networks, I’ve used this method. It also works for school districts looking to secure their DBs from wannabe student hackers changing grades (yes, I’ve seen it attempted).

Skip to main content