It is possible to encrypt the text of stored procedures
containing sensitive information. SQL Server provides the WITH
ENCRYPTION to encrypt the text of the stored procedure.
CREATE procedure [dbo].[spLoginCheck]
WITH ENCRYPTION AS
SET ROWCOUNT 10
SELECT Products.UserName AS UN
FROM Users
Once the stored procedure has been created WITH ENCRYPTION,
an attempts to view the stored procedure returns a message specifying that the text is encrypted as below,
"EXEC sp_helptext usp_SEL_EmployeePayHistory"
'The text for object 'spLoginCheck' is encrypted.'
Please be cautious to save the original text of the stored procedure before encrypting it,
as there is no straightforward way to decode the encrypted sp. One alternate is to attach a
debugger to the server process and retrieve the decrypted procedure from memory at runtime.
No comments:
Post a Comment