Inorder to encrypt the text of stored procedures containing sensitive information, Sql Server provides WITH ENCRYPTION to encrypt the Stored Procedure.
Create Procedure [dbo].[spAccountInformation]
With Encryption As
Begin
Set Nocount On
Select AccID,FirstName,LastName,Email
From AccountMaster
Order By Email
End
Once the stored procedure has been created WITH ENCRYPTION, attempts to view the stored procedure returns a message specifying that the text is encrypted:
Exec sp_helptext spAccountInformation
The text for object 'spAccountInformation' is encrypted.
One note of caution. Save the original text or keep int it VSS of the stored procedure before encrypting it, as there is no straightforward way to decode the encrypted text. One hack is to attach a debugger to the server process and retrieve the decrypted procedure from memory at runtime.
No comments:
Post a Comment