问题
I have SQL2008R02 database user added to the data reader role. This user can SELECT all tables. But I want to him to restrict him from one table. How do I do this? I do not want to run GRANT SELECT individually on all tables except one.
回答1:
You can use a DENY permission on the one table, for example:
DENY SELECT ON myTable TO myUser
DENY "permissions" are available in SQL 2008 onwards.
https://msdn.microsoft.com/en-GB/library/ms188338.aspx
来源:https://stackoverflow.com/questions/26978536/a-user-with-db-datareader-role-has-select-access-to-all-table-how-do-i-exclude