Deny Everything

Kenneth Fisher goes over grant, revoke, and deny for permissions:

This means that MyUser can not run a SELECT statement against any table, view or table valued function in the database.

That probably doesn’t sound like you are applying a permission does it? And that is probably where a lot of the confusion comes in. If, however, we take a look at the system views where the data resides then we can see proof that both commands, GRANT and DENY, add a permission.

Particularly interesting is exactly how the deny permission works—and that “deny” is in fact a “permission” in that you modify a permissions list.

Related Posts

Sharing Power BI Content Via E-Mail

Steve Hughes looks at the security implications of being able to share Power BI reports through e-mail: My account does not have Power BI Pro, but now I can try it for free for 60 days and get access to the data while I am on the trial. I clicked both options, because I can. […]

Read More

Finding Where Power BI Local Credentials Get Stored

Eugene Meidinger hunts down where those local Power BI credentials live: With SSIS, you have to be careful to export the SSIS files without any sensitive information included. But what about Power BI? If you save the .PBIX files on OneDrive, can you be exposing yourself to a security risk? Looking at things, it looks […]

Read More


May 2016
« Apr Jun »