Dynamic SQL and digital signatures in SQL Server 2005

   As I already mentioned, dynamic SQL is a quite powerful, but also quite dangerous. In SQL Server 2005 we introduced a new feature that is also quite powerful and when used properly can be quite useful; but it is important to learn and understand any such feature in order to use it properly.  In…

5

Using a digital signature as a secondary identity to replace Cross database ownership chaining

  In SQL Server 2000, Cross database ownership chaining (CDOC) was a mechanism used to allow access (DML access) to resources on different DBs without explicitly granting access to the resources (such as tables) directly.     Unfortunately CDOC is a feature that Microsoft does not recommend as it has some serious security risks inherent…

5

How to distribute digitally signed SQL modules

Digital signatures in SQL Server 2005 modules can be used to extend the privileges of the caller for the duration of the call. This feature enables the ability to create an application that can enable authorized callers to access resources (such as tables, symmetric keys, etc.) that otherwise would require highly escalated privileges.   While…

1