WinSQL » Knowledge base
Document information
| Document ID: | 3362 |
|---|
| Subject: | Limiting WinSQL to SELECT queries |
|---|
| Creation date: | 5/1/14 9:34 AM |
|---|
| Last modified on: | 12/12/18 2:36 PM |
|---|
Limiting WinSQL to SELECT
Often users ask us if there is a way to restrict WinSQL to run only SELECT queries. A quick answer to this questions is No and there is a reason.
Data can be updated without writing UPDATE/DELETE queries explicitly. A good example is Stored Procedures. Therefore, it is not a good idea to restrict such queries in the front end.
The built-in user based security provided by the back-end database is the best way to grant and limit permissions to users. For example, revoke UPDATE/DELETE permission for the user who you want to run only SELECT queries. This way, regardless of which tool or front-end the user is using, he/she will always be restricted from mistakenly deleting or changing anything.
Even if WinSQL provided the ability to block UPDATES and DELETES, a smart user can always bypass such restrictions using either a different tool or writing a custom program. Therefore, the best way to restrict a user from running unwanted queries is the back-ends built in security mechanism.
Add a comment to this document
Do you have a helpful tip related to this document that you'd like to share
with other users?
Important: This area is reserved for useful tips. Therefore, do not post any questions here. Instead, use our
public forums to post questions.
