If user defined functions are never executed outside the context of a stored procedure, what are the reasons one might grant permissions on SQL Server user defined functions?
Should we add grant permissions when developing database creation scripts that involve creating UDFs?
A user defined function can be used outside the context of stored procedures. It is good practice to allow this granularity in database object security. I prefer to have permissions involving roles (data reader, data writer, reports, etc.) then yes use grant permission using the creation scripts. Take a look at this http://technet.microsoft.com/en-us/library/dd283095(v=sql.100).aspx
