I am going to tighten permissions on my SQL Server. In one book, it is reco
mmended to remove all permissions on the public role to user databases. By
default, it looks like the public role is granted permissions to the system
tables and system stored pr
ocedures.
Does the public role need access to these?
Thank you,
JLFlemingBooks Online has this recommendation:
To protect against unauthorized data access, minimize the permissions
granted to the public role. Instead, grant permissions to other database
roles and to user accounts associated with logins
There's some additional guidance here:
SQL Server 2000 SP3 Security Features and Best Practices: Security Best
Practices Checklist
http://www.microsoft.com/technet/pr...n/sp3sec04.mspx
Thanks,
Kevin McDonnell
Microsoft Corporation
This posting is provided AS IS with no warranties, and confers no rights.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment