Code Analysis

SC005

Page last updated 11 September 2018

The procedure grants itself permissions

The procedure grants itself permissions. This may indicate that a GO is missing.

Available in

SQL Prompt

SQL Code Guard

Consider the following:

CREATE PROCEDURE MyProc
AS
     BEGIN
         SET NOCOUNT ON;
     END;
  
GRANT EXECUTE ON MyProc TO PUBLIC;
GO

In the above example, if GO is omitted before the GRANT statement, the procedure will be created with the GRANT statement included as part of its body, and no rights will be granted during script execution. It is very unusual for a stored procedure to legitimately grant rights to itself, which is why this pattern should be flagged.


Didn't find what you were looking for?

Product Articles

Tips and how-to guides for Redgate products

University

Easy to follow video courses

Community Forums

Ask, discuss, and solve questions about Redgate's tools

Events & Friends

Meet us at an event, get sponsored, and join our Friends of Redgate

Simple Talk

In-depth articles and opinion from Redgate's technical journal