A common question on the newsgroups is "What do I need to do so that users in Mgmt
Studio only see the databases they have access to?". Surely, they are accustomed to
this from SQL 2000, where EM would behave this way. Alas, there were issues with
how EM implemented this. It went and checked every database, and this could be
costly, particularly if there were many databases on auto-close.
What is possible in SQL 2005, is to revoke or deny the permission VIEW ANY DATABASE.
However, this is too far-reaching, because now users can only see the system databases
and databases that they own.
The current situation is certainly unsatisfying, and it also goes against the principle
"secure by default".
The root of the problem is that the answer to the question whether the user is
permitted in a database is found only in the database itself; not in master.