I ran across an interesting property set in a SQL Server database for a customer, the property is called “Trustworthy”. I myself have heard of the property just not ran across it before to really understand what the property does.
Trustworthy is a database property, meaning it is set for individual databases. By default the property if flagged as off and must be manually changed to on.
The property itself allows database users to impersonate other users by using the execute as statement. This is helpful when a database user must access resources outside the database. A few examples of when the trustworthy property can be helpful are:
- When a user needs access to server level resources
- When a user needs access to other databases on the instance (keep in mind this setting is set at the database level).
There comes a risk when using the trustworthy property. If a particular user in the database in which you set trustworthy on is a member of the ‘db_owner’ role, the could impersonate the SA role.
I would say it is good practice to not turn trustworthy on, but understand there could be legitimate business reasons the property needs to be set. Just be aware of the risks and flaws this setting opens up.
For more information on the trustworthy property check out the Microsoft doc located here. To turn on trustworthy use the following SQL statement: ALTER DATABASE DatabaseName SET TRUSTWORTHY ON;
The post What is the SQL Server Trustworthy database property? appeared first on VitaminDBA.