Is there a difference between having db_owner vs having execute/read/write permissions granted?
Is it safer, or no difference at all? Are there any considerations to be taken into account when deciding between one or the other?
Asked
Active
Viewed 3,890 times
1
-
1You should probably ask at [Database Administrators](https://dba.stackexchange.com/) – LarsTech Jul 14 '17 at 18:08
-
Newp. For example... dropping a table or the DB itself. I'd caution giving out db_owner. – S3S Jul 14 '17 at 18:16
1 Answers
0
You're mixing roles and permissions. DB_OWNER is a fixed DB role that has a bunch of permissions. R/W/E are permissions you can grant to a role or user.
db_owner as the name implies, can do pretty much anything to that specific database. A user that has read, write and execute permissions can do just that and only that. Can't create, alter, grant, etc.... The different is significant.
Suggest you check out details of SQL Server security model here https://learn.microsoft.com/en-us/sql/relational-databases/security/permissions-database-engine and remember to only grant what is needed, no more.
Also, this question is more appropriate in dba.stackexchange.com rather than stackoverflow.
SQLmojoe
- 1,924
- 1
- 11
- 15