>yes, it is a design bug/lack.
huh?
It's hard to protect your data (regardless of the source, product, or vendor) when the "bad guy" has physical access to the machine - especially with, or close to, admin permissions.
If you're so worried about this, physically secure the server. I once dealt with a client that housed the server in a vault
>
>i think you dont understand what i'm saying... let say...uninstall sql server or stop the service manager .... i can copy the database files to another computer with sql server installed and attach the database files i can see all the sp,data,,,, in it...hope you understand
>>
>yes, it is a design bug/lack.
>
>A SQL Database have not a
inner application password,
>and a customer can use sp_attach_db for skip all the access restrictions.
>
>At this point it can see all the db structures, and with a public program decrypt all.
>
>It is like supplying to a contender the application with the code source.
>Fantastic!
>SQL Server is a Open Source developer enviroment.