April 20, 2007 at 5:38 am
Hello,
I have had a request from developer for me to "list all the issues" which might arise from making an application which must run with dbo rights to its database. I think that he has an application which creates permanent tables on the fly, amongst other things. I think (hope) he's looking at putting a business case together for changes to this application so that it doesn't need dbo access any more. I think it is a windows service, if that makes any difference.
My initial response (to myself, not to him) was "good grief, isn't it just obvious that it shouldn't be done? Why ever was it done that way in the first place?!"
Now I've started thinking about it, I'm finding it hard to put together a reasoned argument (not because I think it should ever be allowed, but I'm sure there are other issues that I haven't thought about).
Does anyone know any good resources on this subject which I could point him to please?
Thanks,
Rachel
April 20, 2007 at 7:37 am
The basic answer is that you don't grant more permissions than are necessary. DBO can do pretty much anything inside the database, backup/restore, grant new users rights, change security, etc. The principle of least privilege should always apply.
If the application is built to create new tables, it doesn't need dbo necessarily. It could be a ddl_admin. But if this causes issues with the schema/owner of the objects, then dbo could be required.
I think you need to get a good handle on what the application does and then apply the least privileges required.
Viewing 2 posts - 1 through 1 (of 1 total)
You must be logged in to reply to this topic. Login to reply