WinSQL » Knowledge base

Document information

Document ID:3362
Subject:Limiting WinSQL to SELECT queries
Creation date:5/1/14 9:34 AM
Last modified on:5/1/14 9:51 AM


Limiting WinSQL to SELECT

Often users ask us if there is a way to restrict WinSQL to run only SELECT queries. A quick answer to this questions is No and there is a reason.

Data can be updated without writing UPDATE/DELETE queries explicitly. For good example is Stored Procedures. Therefore, it is not a good idea to restrict such queries in the front end.

The built-in user based security provided by the back-end database is the best way to grant and limit permissions to users. For example, revoke UPDATE/DELETE permission for the user who you want to run only SELECT queries. This way, regardless of which tool or front-end the user is using, he/she will always be restricted from mistakenly deleting or changing anything.

Even if WinSQL provided the ability to block UPDATES and DELETES, a smart user can always bypass such restrictions using either a different tool or writing a custom program. Therefore, the best way to restrict a user from running unwanted queries is the back-ends built in security mechanism.




Add a comment to this document

Do you have a helpful tip related to this document that you'd like to share with other users? Please add it below. Your name and tip will appear at the end of the document text.
Your name:
Your email:
Hide my email address
Verification code:
Enter the verification code you see above more submitting your tip
Tip:Please limit tips to 1000 characters

Navigation

Social Media

Powered by 10MinutesWeb.com