Hi Randy, > I found that I can call a DROP TABLE from various ways with a SQL editor. > I seem to be missing a way to keep them from successfully calling this > command, except to not let them have ODBC access in the first place. > We have our system set to not allow INSERTS and UPDATES, but DROP TABLE still > works if they have ODBC access. > Any hot tips to prevent this? I'm a SQL newbie, so maybe I'm missing > something obvious.
Are you using the 4D Password System? If so, are you using a SQL Schema for the table? If so, check the "Full (data and design)" group and make sure this user attempting to drop the table does not belong to that group. Reminder: SQL Schemas only work if the 4D Password System is enabled. The default Group for "Full (data and design)" in the default schema is <Nobody> so I thought that by default (with the 4D password enabled) this should be denied. -Tim ********************************************************************** 4D Internet Users Group (4D iNUG) FAQ: http://lists.4d.com/faqnug.html Archive: http://lists.4d.com/archives.html Options: http://lists.4d.com/mailman/options/4d_tech Unsub: mailto:[email protected] **********************************************************************
