Limiting WinSQL to SELECT
Often users ask us if there is a way to restrict WinSQL to run only SELECT queries. A quick answer to this questions is No and there is a reason.
Data can be updated without writing UPDATE/DELETE queries explicitly. A good example is Stored Procedures. Therefore, it is not a good idea to restrict such queries in the front end.
The built-in user based security provided by the back-end database is the best way to grant and limit permissions to users. For example, revoke UPDATE/DELETE permission for the user who you want to run only SELECT queries. This way, regardless of which tool or front-end the user is using, he/she will always be restricted from mistakenly deleting or changing anything.
Even if WinSQL provided the ability to block UPDATES and DELETES, a smart user can always bypass such restrictions using either a different tool or writing a custom program. Therefore, the best way to restrict a user from running unwanted queries is the back-ends built in security mechanism.
Do you have a helpful tip related to this document that you'd like to share
with other users? Please add it below. Your name and tip will appear at the
end of the document text.
