How to prevent the use of "SELECT *"


One good tip for writing good SQL code is to always select the columns you need and never just select everything. Well here is a description on how to actually prevent SELECT * queries (you need to complete a free registration to see the article). The basic idea is to add a dummy column to all your tables and then limit the access to this column using DENY SELECT ON OBJECT for that column. Personally I think this is maybe taking it a little bit too far but desperate times calls for desperate measures, right…

Comments (1)

  1. Justin says:

    On higher security networks, I’ve used this method. It also works for school districts looking to secure their DBs from wannabe student hackers changing grades (yes, I’ve seen it attempted).