February 2, 2016 at 7:03 am
Hi
Just ran a quick audit and found that my some of my DB's have trustworthy set to ON.
I have read about some of the implications of the setting but am a little confused and hope this forum can provide a better explanation.
What are some of the potential risks if I change this setting back? I don't have the luxury of a true dev or qa environment.
February 2, 2016 at 7:25 am
It's by default set to OFF.
Must be ON when is usually used for assemblies in SQL Server (.dlls). Of course it's has other security aspects, but I suggest to check it first.
Run this to check for potential user defined assemblies:
select * from sys.assemblies a
where a.is_user_defined=1
Igor Micev,My blog: www.igormicev.com
February 2, 2016 at 12:39 pm
Here is a post that (a.o.) explains the risks of using SET TRUSTWORTHY ON: http://sqlity.net/en/1701/the-trustworthy-database-property-explained-part-2/[/url].
It also explains that in most cases, using the TRUSTWORTHY property is not required. Just easier.
Viewing 3 posts - 1 through 2 (of 2 total)
You must be logged in to reply to this topic. Login to reply