.NET Tutorials, Forums, Interview Questions And Answers
Welcome :Guest
Sign In
Win Surprise Gifts!!!

Top 5 Contributors of the Month
Gaurav Pal
Post New Web Links

Developer Security Permissions

Posted By:      Posted Date: September 22, 2010    Points: 0   Category :Sql Server
Ok, so, the developers are trying to force me into giving them DBA rights on the database, but I am telling them no. Essentially, they have DDL admin, Data Reader and Data Writer and Execute on their procedures and functions. They are saying they need db_securityadmin rights in order to grant datareader and datawriter and execute permissions on objects when they create them. If I am not mistaken reading and writing form tables should be automatic, but execute permissions would only need to be set. Is there something else I am not thinking about?
John M. Couch

View Complete Post

More Related Resource Links

Security Tips: Defend Your Code with Top Ten Security Tips Every Developer Must Know


There are many ways to get into trouble when it comes to security. You can trust all code that runs on your network, give any user access to important files, and never bother to check that code on your machine has not changed. You can run without virus protection software, not build security into your own code, and give too many privileges to too many accounts. You can even use a number of built-in functions carelessly enough to allow break-ins, and you can leave server ports open and unmonitored. Obviously, the list continues to grow. What are some of the really important issues, the biggest mistakes you should watch out for right now so that you don't compromise your data or your system? Security experts Michael Howard and Keith Brown present 10 tips to keep you out of hot water.

Michael Howard and Keith Brown

MSDN Magazine September 2002

Security in .NET: The Security Infrastructure of the CLR Provides Evidence, Policy, Permissions, and


The common language runtime of the .NET Framework has its own secure execution model that isn't bound by the limitations of the operating system it's running on. In addition, unlike the old principal-based security, the CLR enforces security policy based on where code is coming from rather than who the user is. This model, called code access security, makes sense in today's environment because so much code is installed over the Internet and even a trusted user doesn't know when that code is safe.In this article, Don Box explains how code access security works in the CLR. He discusses the kinds of evidence required by policy, how permissions are granted, and how policy is enforced by the runtime.

Don Box

MSDN Magazine September 2002

Administrator and Developer Guide to Code Access Security in SharePoint Server 2007

Explore configuration options, get best practices for managing CAS in SharePoint environments, and walk through a complex CAS scenario.

Copy sharepoint 2007 folder (with sub folders) with all the security permissions

I am looking to copy a common sharepoint folder(sub folders) in 2007 with all the security permissions intact, to a different location in the same site, Does anyone know how to do this?

Copy sharepoint 2007 folder (with sub folders) with all the security permissions

I am looking to copy a common sharepoint folder(sub folders) in 2007 with all the security permissions intact, to a different location in the same site, Does anyone know how to do this?

System.Security.Permissions.SecurityPermission, mscorlib, Version=, Culture=neutral, PublicKe



I am currently working on SQL server reporting. I have created custom assemblies. I am loading the custom assebly in the rdl file.

I am getting following exception


An error occurred while executing OnInit: Request for the permission of type 'System.Security.Permissions.SecurityPermission, mscorlib, Version=, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed. (rsErrorInOnInit)



Please let me know if anyone knows the reason.

Thanks in Advance.

BCS Method Security / External Content Type Permissions / Custom List Security Provider / Security T


I have an external list setup with the usual CRUD methods.  The external SQL table is also being populated by another source.  I want to enable/disable deleting depending on whether the record was created from SharePoint.  I would also like the normal list permissions to work.  So if a user has permissions to delete on the list, they can only delete items created for SharePoint. 

Where should this logic be incorporated?  On the BCS Delete method, somewhere in the External Content Type or on the list instance?  Most examples I find relate to security trimming for search.  I'm only concerned about the delete method.

I'm sure there are multiple ways to accomplish this.  Which is the best?


Unhandled Exception (JIT - security permissions)


Hi I have a serious headache. My WCF service is supposed to start 20 .exe files with 1 second delay between each. If any of the .exe files closes, it will re-start them. However sometimes I get the following error all of the sudden and I have no idea what to do about it, or why I get it. Any help will be appreciated dearly :)

"The Just-In-Time debugger was launched without necessary security permissions. To debug this process, the Just-In-Time debugger must be run as an Administrator."

how to prevent security/permissions affected by backup/restore

I create a copy of a production database (for reporting purposes) by using the backup and restore commands.  The copy is on a seperate server. (replication wont work in my case)
The reporting server allows more read-only access then the production server.

I do a full backup and restore, and of course all permissions/security settings come with all the data.

How can I do a backup and restore of only data without altering permissions on the reporting server? 
As more of my users want to run reports, I give them access on the reporting server but not the production server, and of course it gets wiped out every night when the backup-restore runs.

Using SQL Server 8.0 and 9.0.

document library security permissions on column value

I have created a document library with several number of documents there are 8 divisions so I have given a column called division with choice of selecting one of the divison as a column value now I want to set permissions to users of a divsion to read and write (edit checkout and author) only his respective divisoin and also read only access to all other documentsof other divisions.

Security permissions - fileupload control



Is it only possible to the asp.net worker process to write files to a server folder?

The reason I ask is I need to create folders, store the files using the fileupload control to a file server. My IT colleague is saying that IIS is not installed on this server and hence cant use asp.net process. Is this the only account you can use to create folders/write files to a server? This is a separate server I am trying to write to, and not writing it to the same web server which the application sits under.

Is it possible to use another domain account to write files to a file server?

Many thanks.

Request for the permission of type 'System.Security.Permissions.FileIOPermission, mscorlib, Version


I am using Itext sharp to create a pdf. I am adding an image and I keep getting this error

Request for the permission of type 'System.Security.Permissions.FileIOPermission, mscorlib, Version=, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.

it is this bit of code that is causing this


string imagepath = "C:\\BMSApplicationFiles\\PDFImages\\bullfrogWeb.gif";

//add the Image to the DOC
  Image bullfrogImage = Image.GetInstance(imagepath);
  bullfrogImage.SetAbsolutePosition(10, doc.PageSize.Height - 36);

If i comment this out, the PDF builds and no errors are thrown (there is just no image)

I don't understand cause I am am trying to do is read a file.

The directory does have full permission granted to IISUser

Any ideas why I am still geting this permissions error?

how do you balance admin and developer roles in managing security/audience and troubleshooting user


We're a 500-person services business, relatively new to SharePoint and recreating many legacy applications in SharePoint.  We have a couple developers and an administrator and have been trying very hard to segregate those roles.  The administrator controls Audiences, SharePoint groups, Distribution Lists, etc.  Developers have read access to Active Directory, but no rights to view or edit SP groups, Global Audiences, or Distribution Lists.   When user issues arise, the developer must always suspect a group membership problem but can't know enough to confirm or deny.

I would love to hear how others handle this.  Do your developers have admin rights? (And what problems does that cause?).  Do you have strict naming conventions to differentiate GA from SP from Dist List?  Do you have 3rd party tools to synchronize groups, so you can have perfect confidence that the Global Audience "Busboys" contains exactly the same users as the Active Directory group "Busboys?"  Is there a way for developers to have read-only access to the various groups so they can troubleshoot membership problems without endangering security?

What are the required Security permissions to call SAM accountmanagement over the wire, using System



I need to perform remote management on the local SAM database.  I am getting a security permission error, but can't figure out what the required permissions need to be.  My test harness works great as a locally authenticated user however the permission issue gets thrown when I am trying to connect to a remote host that isn't part of the domain.

The exception is getting thrown on the call to ValidateCredentials, which is found in the constructor for the LocalAccount class below, specifically you will see it  public LocalAccount(string Server, string User, string Password)

My test environment includes windows 7 machines that are working in a offline mode trying to connect to machines running XP, 2003 and Windows 7 that are not part of the domain.

Any and all help would be appreciated.


using System;
using System.Collections.Generic;
using System.DirectoryServices;
using System.DirectoryServices.AccountManagement;

namespace WindowsManagement
  class Program

Permissions .NET 1.1 security - Cant run program across network.



I'm having trouble trying to get a simple program that I wrote to run on logon. The program simply reads the event log of the domain controller / server 2003 and displays any errors and if the backup failed.

************** Exception Text **************
System.Security.SecurityException: Request for the permission of type 'System.Diagnostics.EventLogPermission, System, Version=, Culture=neutral, PublicKeyToken=b77a5c561934e089' failed.
   at System.Security.CodeAccessSecurityEngine.Check(Object demand, StackCrawlMark& stackMark, Boolean isPermSet)
   at System.Security.CodeAccessPermission.Demand()
   at System.Diagnostics.EventLog.GetEventLogs(String machineName)
   at ShowEventErrors.Form1.Form1_Load(Object sender, EventArgs e)
   at System.Windows.Forms.Form.OnLoad(EventArgs e)
   at System.Windows.Forms.Form.OnCreateControl()
   at System.Windows.Forms.Control.CreateControl(Boolean fIgnoreVisible)
   at System.Windows.Forms.Control.CreateControl()
   at System.Windows.Forms.Control.WmShowWindow(Message& m)
   at System.Windows.Forms.Control.WndProc(Message& m)
   at System.Windows.Forms.ScrollableControl.WndProc(Message& m)
   at System.Windows.Fo

SharePoint Tutorial - Security

Security in SharePoint is comprised of users, groups and roles.

Users, Groups and Roles

A user account comes from the authentication system. For example, if Active Directory is used to authenticate then the user accounts will come from it.

There are two types of groups SharePoint uses: domain groups and SharePoint groups.

Microsoft SharePoint Online Standard Developer Guide

Developers Guide for SharePoint Online (Standard Offer). Microsoft® Office SharePoint® Online is a collection of Web-based tools and technologies built on Microsoft Office SharePoint Server 2007 that help you store, share, and manage digital information within your company. This white paper describes the customization (or extensibility) capabilities that are supported with the Standard offering of SharePoint Online
ASP.NetWindows Application  .NET Framework  C#  VB.Net  ADO.Net  
Sql Server  SharePoint  Silverlight  Others  All   

Hall of Fame    Twitter   Terms of Service    Privacy Policy    Contact Us    Archives   Tell A Friend