It throw "The user does not have permission to perform this action" once fixed the issue means we can access the sql systables using cfquery.
Asked
Active
Viewed 73 times
2
-
6Yes, providing that the user \ access levels are set with the right permissions – Simon Price Aug 21 '20 at 07:57
-
2@SimonPrice you should right up a proper answer to this question. Then we can upvote and the OP can accept as the correct answer. – Miguel-F Aug 21 '20 at 12:26
-
5Adding to @SimonPrice's comment: "... and you don't mind your SQL Server being vulnerable to the worst kind of SQL Injection attacks." – Adrian J. Moreno Aug 21 '20 at 20:20
-
2To @AdrianJ.Moreno 's point, I would make sure the account had read only permission on those tables. I would no use a system account. – James A Mohler Aug 21 '20 at 22:10
-
2Adding to everyone's comment, ask your DBA. – Dan Bracuk Aug 23 '20 at 03:09
-
1@DanBracuk and be prepared to hear, "NO!". :) – Adrian J. Moreno Aug 24 '20 at 16:48
-
1I'd just reiterate what the others before me said, but as a DBA, I would ask "Why?" before I likely said "No." Depending on what your reason is for needing that access, there's likely another more secure solution to fit your needs. – Shawn Aug 24 '20 at 19:21
-
1NOTE: I can't really think of a good reason to allow this level of risk into a database. If you don't have a DBA, I'd _STRONGLY_ urge you not to do this. But I will give you some kudos here. If you're seeing "The user does not have permission to perform this action", then you aren't using `sa` as your ColdFusion user. :-) – Shawn Aug 24 '20 at 19:24
-
1Fortunately there is less of that since MS started disabling it, by default :-) – SOS Aug 25 '20 at 14:30