I know that it's possible to set execute permissions for a stored procedure to a database role or user. My question is, how is access to any tables that the SP accesses determined? Does the principal who calls the SP also have to have requisite permissions for the underlying objects that are touched by the SP?
Sql-server – SQL Server stored procedure permissions
sql serverstored-procedures
Related Question
- Grant permission to execute stored procedure without granting access to underlying table – Oracle
- Sql-server – Using CREATE TYPE within Stored Procedure Call
- Sql-server – Grant permissions on a stored procedure to tables in another schema
- Sql-server – SQL Server CREATE and DROP TABLE Permissions in Stored Procedure Only
- T-sql – Scripting execute permissions on stored procedure
- Sql-server – Stored procedure security with execute as, cross database queries, and module signing
- Sql-server – Grant a database role in current database with permission to execute a SP in msdb
- Sql-server – How to grant execute permissions to a stored procedure but not to the underlying databases
Best Answer
One only needs to ensure that the SP and objects that the SP accesses all have the same owner (ownership chaining rules)--then SQL Server doesn't look at permissions of chained objects. From the online SQL Server documentation: