January 12, 2016 at 9:10 am
I've always granted FULL NTFS control on MSSQL tempdb folder. It has been mentioned to me that "modify" is more than enough and more secure. I don't really see why.
Any opinions on this?
Thanks.
January 12, 2016 at 10:56 am
modify does not allow the user to take control of any folders or files within the parent folder where the permissions are granted (assuming inheritance has not been disabled).
You probably don't want users even having modify. Just read, write and delete, but then it really depends on who is accessing the folder and what theyre doing
-----------------------------------------------------------------------------------------------------------
"Ya can't make an omelette without breaking just a few eggs" 😉
January 12, 2016 at 11:18 am
Perry Whittle (1/12/2016)
modify does not allow the user to take control of any folders or files within the parent folder where the permissions are granted (assuming inheritance has not been disabled).You probably don't want users even having modify. Just read, write and delete, but then it really depends on who is accessing the folder and what theyre doing
Hey Perry, how have you been.
You are right, I don't want users to mess around with ldf files but I am talking about MSSQL server service, not regular users accounts. I usually grant FULL instead of MODIFY.
Viewing 3 posts - 1 through 2 (of 2 total)
You must be logged in to reply to this topic. Login to reply