Security Implications of Using User-Defined Functions
You can grant or deny the permissions to use user-defined functions depending on the type of function:
For scalar user-defined functions, you can grant or deny permissions on EXECUTE and REFERENCES.
For inline user-defined functions, you can grant or deny permissions on SELECT, UPDATE, INSERT, DELETE, or REFERENCES.
For multistatement table-values user-defined functions, you can grant or deny permissions to SELECT and REFERENCES.
As in stored procedures and views, if every object referenced in a user-defined function belongs to the same owner as the user-defined function, and a user tries to use the function, permissions will be checked only on the function, not on every object referenced in ...
Get Microsoft® SQL Server™ 2000 Programming by Example now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.