Being Cellfish

Stuff I wished I've found in some blog (and sometimes did)
Translate This Page
Search
  • Advanced search options...
Options
"News"
Started gathering VS achievements
TPL dataflow & async/await vs CCR
CCR tips and tricks
RDS 4 Beta
Kinect services for RDS 2008 R3
2009 Advent Calendar
System Center Cross Platform Providers Source
2008 Advent Calendar
System Center Cross Platform Extensions Beta
Tags
Archive
Archives
Disclaimer
The opinions expressed herein are my own personal opinions and do not represent my employer's view in anyway.

How to prevent the use of "SELECT *"

MSDN Blogs > Being Cellfish > How to prevent the use of "SELECT *"

How to prevent the use of "SELECT *"

8 Nov 2009 8:11 AM
  • Comments 1
One good tip for writing good SQL code is to always select the columns you need and never just select everything. Well here is a description on how to actually prevent SELECT * queries (you need to complete a free registration to see the article). The basic idea is to add a dummy column to all your tables and then limit the access to this column using DENY SELECT ON OBJECT for that column. Personally I think this is maybe taking it a little bit too far but desperate times calls for desperate measures, right...
Comments
  • Justin
    8 Nov 2009 12:54 PM

    On higher security networks, I've used this method. It also works for school districts looking to secure their DBs from wannabe student hackers changing grades (yes, I've seen it attempted).

Page 1 of 1 (1 items)
Leave a Comment
  • Please add 6 and 8 and type the answer here:
  • Post