This is a proposed set of "minimum" fixed-role permissions required to run a DTS package to change data on the target database defined in the package. The login should be a member of the following fixed roles on the target database server:

db_ddladmin
db_datareader
db_datawriter

For the source database server these roles can be used to set read-only permissions:

db_datareader
db_denydatawriter

The need for db_ddladmin permissions should not be underestimated. Even when the DTS package does not explicitly CREATE or DROP database objects, SQL Server still seems to need this level of permissions to run the package at the target database without errors.