I have set up a SQL Role and denied SELECT, INSERT, UPDATE, DELETE access to a number of tables.
I noticed that a user in this role can create a stored procedure containing a SELECT, INSERT, UPDATE or DELETE statement on the table that I have denied access to.
How could I stop the user in the role from being able to create/alter/execute stored procedure which use the tables than I have denied access to?
Also, the user in the role needs to be able to execute stored procedure on the tables which they are not denied access to.
Any help is appreciated.
View Complete Post