Permissions to access statistics should for SELECT permissions for the object. - by Erland Sommarskog

Status : 

  Fixed<br /><br />
		This item has been fixed in the current or upcoming version of this product.<br /><br />
		A more detailed explanation for the resolution of this particular item may have been provided in the comments section.


44
0
Sign in
to vote
ID 475804 Comments
Status Closed Workarounds
Type Suggestion Repros 1
Opened 7/20/2009 11:50:58 AM
Access Restriction Public

Description

Currently, to run DBCC SHOW_STATISTICS on a table, you need to be the table owner, or you need ALTER or CONTROL permission on the table (db_owner or db_ddladmin). This is very unfortunate when you run a linked server, and the account on the linked server is a low-priv account. The source cannot retrieve the statistics of the remote tables in this case, which can lead to veritable performance distasteras.

It is very difficult to see why extra permissions should be required to view data that I already have access to. That is, if I have SELECT permission on the table and the columns in the statistics, there is no security reason why I should be able to view the statistics.

For a plain user that accesses the database directly through Mgmt Studio, this is not a big deal, but in the case of linked servers it *is* a big deal.
Sign in to post a comment.
Posted by Boris [MSFT] on 6/7/2012 at 10:30 AM
Hi,

The duplicate item is http://connect.microsoft.com/SQLServer/feedback/details/695640/dbcc-show-stati-stics-requires-elevated-priviledges

Regards,
Boris.
Posted by WikidCentaur on 5/29/2012 at 7:48 AM
Please provide information to the item this duplicates so that we can track it too.
Posted by Microsoft on 4/9/2012 at 6:03 PM
Posted by Microsoft on 2/1/2012 at 10:30 AM
Dear Erland,

We're closing this as a duplicate of another item, which we're still tracking.

Best regards,
Eric Hanson
Program Manager
SQL Server Query Processing
Posted by Boris [MSFT] on 7/20/2009 at 6:15 PM
Hello Erland,

Thank you for filing this item! We are currently looking into options for DBCC SHOW_STATISTICS run under less-privileged context and have grantable permission.

As it has been discussed in the forum you are a part of, there are multiple options to consider.

Regards,
Boris Baryshnikov.
SQL Server Engine