Level Extreme platform
Subscription
Corporate profile
Products & Services
Support
Legal
Français
Login Assistance
Message
From
13/08/2002 11:34:52
Michael Levy
Cincinnati, Ohio, United States
 
 
To
13/08/2002 09:24:14
Bob Archer
Tampa, Florida, United States
General information
Forum:
Microsoft SQL Server
Category:
Security
Title:
Re: Login Assistance
Miscellaneous
Thread ID:
00688124
Message ID:
00689168
Views:
47
>Although, if the only account you made db_owner was with an NT account that ASP.NET impersonated which used NT Authentication to connect to the database, is there really a security issue?

Yes, if the account is hijacked through the application

>Isn't that kind of like saying, you shouldn't have any server admin eqivilent logins because they have access to everything?

Almost. It should be OK if the account is not exposed, especially to the Internet.

-Mike
Michael Levy
MCSD, MCDBA
ma_levy@hotmail.com
Previous
Reply
Map
View

Click here to load this message in the networking platform