Rules And Exceptions

Shane O’Neill had to change a mental process regarding granting permissions:

With CREATE permissions this isn’t the case; there is a piece of the above template that isn’t needed, and it’s quite easy to see why when I sat down and thought about it.

Specifically, it’s this bit:

<On What>

I’m granting CREATE permissions; since I haven’t created anything, I can’t grant the permission on anything.

I like this post for the direct reason (granting certain permissions doesn’t require specifying an object), but for the implicit point as well:  we build up internal systems of rules and processes as we act on things.  This inductive reasoning tends to work well for us in most scenarios, but at some point, our systems break down and we find out either that we need to incorporate edge cases into our system, or that we were actually focusing on an edge case the entire time.

Related Posts

Permission Set In A Post-SQL 2017 CLR World

Solomon Rutzky investigates what the PERMISSION_SET property does as of SQL Server 2017: And farther down on that same page, there is a note stating:  Important The PERMISSION_SET option is affected by the clr strict security option, described in the opening warning. When clr strict security is enabled, all assemblies are treated as UNSAFE. The last sentence in each of those quoted statements […]

Read More

Things Not To Do In SQL Server

Randolph West has a how-not-to guide for SQL Server: Don’t use TIMESTAMP We covered this in detail in a previous post, What about TIMESTAMP? It’s better to pretend that this data type doesn’t exist. Why not? It is not what you think it is. TIMESTAMP is actually a row version value based on the amount of time since SQL Server was started. […]

Read More

Categories

August 2016
MTWTFSS
« Jul Sep »
1234567
891011121314
15161718192021
22232425262728
293031