Plateforme Level Extreme
Abonnement
Profil corporatif
Produits & Services
Support
Légal
English
Login Assistance
Message
De
13/08/2002 11:34:52
Michael Levy
Cincinnati, Ohio, États-Unis
 
 
À
13/08/2002 09:24:14
Bob Archer
Tampa, Floride, États-Unis
Information générale
Forum:
Microsoft SQL Server
Catégorie:
Sécurité
Titre:
Re: Login Assistance
Divers
Thread ID:
00688124
Message ID:
00689168
Vues:
46
>Although, if the only account you made db_owner was with an NT account that ASP.NET impersonated which used NT Authentication to connect to the database, is there really a security issue?

Yes, if the account is hijacked through the application

>Isn't that kind of like saying, you shouldn't have any server admin eqivilent logins because they have access to everything?

Almost. It should be OK if the account is not exposed, especially to the Internet.

-Mike
Michael Levy
MCSD, MCDBA
ma_levy@hotmail.com
Précédent
Répondre
Fil
Voir

Click here to load this message in the networking platform