EXECUTE AS
Stored procedures can play an important security role. You can grant users EXECUTE permissions on the stored procedure without granting them direct access to the underlying objects, thus giving you more control over resource access. However, there are exceptions that would require the caller to have direct permissions on underlying objects. To avoid requiring direct permissions from the caller, all following must be true:
The stored procedure and the underlying objects belong to the same schema.
The activity is static (as opposed to using dynamic SQL).
The activity is DML (SELECT, INSERT, UPDATE, or DELETE), or it is an execution of another stored procedure.
If any listed item is not true, the caller will be required to have direct permissions ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Read now
Unlock full access