April 14, 2004 at 5:59 am
I recently ran into a permissions problem while trying to set up a Bulk Insert task in DTS. During the task configuration I got an error message that I didn't have permission to execute xp_availablemedia. Our "part time" SQL SA's (they're really the Wintel team) take the approach of fixing the specific problem you report, usually resulting in having to report four or five problems to get to your end result, i.e. what permissions are required to use the Bulk Insert task as opposed to fix the permissions on xp_availablemedia.
Can anyone point to a document or article on Best Practices relative to permissions for XP's? Which ones should be made generally available? Which ones should never be used by anyone besides the SA's? I'd like to be able to give them a list so that I can stop this constant process of fix one problem, hit another, fix that, hit another.
Thanks.
April 14, 2004 at 3:22 pm
SQLSecurity.com has a security checklist that lists extended stored procedures that should be restricted to sysadmins. Have a look:
http://www.sqlsecurity.com/DesktopDefault.aspx?tabid=24
Greg
Greg
April 15, 2004 at 5:37 am
Good post from the point of a paranoid security wonk. They restrict xp_availablemedia which is required to use Bulk Insert and they restrict xp_sdidebug which is required for debugging of SP's and UDF's. I don't think that's a list I want to give to our SQL SA's...
I've been looking on MS, but haven't found anything yet. I was hoping I could find a technical brief or something from them that takes into account issues like Bulk Insert and debugging.
December 14, 2004 at 9:18 am
try this:
http://support.microsoft.com/default.aspx?scid=kb;en-us;323249
probably not something your SA would like to hear but this is what MSDN says...
Viewing 4 posts - 1 through 3 (of 3 total)
You must be logged in to reply to this topic. Login to reply