March 3, 2002 at 5:42 am
when we copy the database file (.mdf and .ldf) from a server to another server with another sa password, then new system admin can easily attach that files to his server.
what can we do to avoid this ?
Please help.
March 3, 2002 at 1:51 pm
Sorry, SA can pretty much touch any SQL file that is accessible on the server and he gets full rights. Don't know if Microsoft has any plans to change, but you could always suggest to them they do.
"Don't roll your eyes at me. I will tape them in place." (Teacher on Boston Public)
March 3, 2002 at 1:53 pm
Crude forgot to put in, this is done this way for several reasons including being able to restore to another server from backup or straight file since the logins in the attaching DB do not always exist on the server being attached to.
"Don't roll your eyes at me. I will tape them in place." (Teacher on Boston Public)
March 3, 2002 at 9:03 pm
BTW, this is the reason SQL Servers should not be directly exposed to the Internet (and a reason to chain SQL Servers together to ensure sensitive data is a couple of steps beyond the firewall, as Steve has discussed). If a SQL Server is compromised with an administrator account, it doesn't take much to copy off the files. This is also why there has to be a level of trust with any internal personnel who possess administrative rights to the server where SQL Server runs.
This also serves to illustrate the need to lock down exposed servers based on industry best practices, regardless of the server type. Had the security checklist put out by Microsoft been followed with respect to IIS boxes, Code Red and Nimda wouldn't have done much at all.
K. Brian Kelley
http://www.sqlservercentral.com/columnists/bkelley/
K. Brian Kelley
@kbriankelley
Viewing 4 posts - 1 through 3 (of 3 total)
You must be logged in to reply to this topic. Login to reply