Being Cellfish

Stuff I wished I've found in some blog (and sometimes did)

How to prevent the use of "SELECT *"

Change of Address
This blog has moved to blog.cellfish.se.

How to prevent the use of "SELECT *"

  • Comments 1
One good tip for writing good SQL code is to always select the columns you need and never just select everything. Well here is a description on how to actually prevent SELECT * queries (you need to complete a free registration to see the article). The basic idea is to add a dummy column to all your tables and then limit the access to this column using DENY SELECT ON OBJECT for that column. Personally I think this is maybe taking it a little bit too far but desperate times calls for desperate measures, right...
  • On higher security networks, I've used this method. It also works for school districts looking to secure their DBs from wannabe student hackers changing grades (yes, I've seen it attempted).

Page 1 of 1 (1 items)