BUG: Nested Stored Procedures with same owner fail with error

ID: Q139283

The information in this article applies to:

Microsoft SQL Server version 6.0

BUG# NT: 11816 (6.00)

SYMPTOMS

If two stored procedures are created with the same object owner and the first stored procedure calls the second and the owner revokes Execute permissions on the second stored procedure, the execution of the second stored procedure will fail with the following error:

Msg 229, Level 14, State 1
EXECUTE permission denied on object <second stored procedure>,
database <database>, owner <object owner>

Revoking the permissions on the second stored procedure should be allowed because permissions should only be checked on the first stored procedure since both objects have the same owner.

WORKAROUND

Do not revoke permissions to the nested stored procedure (sp2 in the code sample above) since, by default, only the object owner can execute their own stored procedure unless a Grant is performed.

STATUS

Microsoft has confirmed this to be a problem in Microsoft SQL Server version 6.0. We are researching this problem and will post new information here in the Microsoft Knowledge Base as it becomes available.

MORE INFORMATION

For more information on Ownership Chains, see the SQL Server "Administrator's Companion," Part 4 (Security), Chapter 8 (Security Concepts), then topics on "About Permissions," "Permissions on Views and Stored Procedures," and "Ownership Chains."

This also effects extended stored procedures such as xp_cmdshell.

Additional query words: sql6 grant revoke


Keywords          : kbprg SSrvProg SSrvStProc kbbug6.00 
Version           : 6.0
Platform          : WINDOWS 
Issue type        :

Last Reviewed: April 20, 1999