Re: DTS Security
From: Johnathen Liew (johnliew@rocketmail.com)
Date: 08/20/02
- Next message: E Byrne: "managing application role passwords without hard-coding them into applications"
- Previous message: C S: "Hide list of databases in Enterprise Manager"
- In reply to: Donna Lambert [MS]: "RE: DTS Security"
- Next in thread: Sue Hoegemeier: "Re: DTS Security"
- Reply: Sue Hoegemeier: "Re: DTS Security"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Johnathen Liew" <johnliew@rocketmail.com> Date: Tue, 20 Aug 2002 13:54:15 +0800
Donna,
But we still need to create a login into the SQL Server, before any packages
can be run....?
We have a scenerio, where we need to create a DTS package, which is run by a
designated user. This user should have no other rights other than running
the DTS package. We created a login, with no Fixed Server Roles and no
Database Roles. This user is able to execute the package, but he is able to
stop the SQL Agent services as well, which is bad, but he cannot drop/create
tables, which is good.
Is this a SQL Server bug? Any idea anyone?
Thanks
Johnathen Liew
"Donna Lambert [MS]" <dlambert@online.microsoft.com> wrote in message
news:I0wk$8URCHA.2468@cpmsftngxa06...
> Adrian,
> Seems like it would be much simpler to password protect your dts packages.
> Just a suggestion.
> Donna Lambert
> Microsoft SQL Server Support
>
>
> Disclaimer:
> This posting is provided "AS IS" with no warranties, and confers no
rights.
>
> Are you secure? For information about the Microsoft Strategic Technology
> Protection Program and to order your FREE Security Tool Kit, please visit
> http://www.microsoft.com/security.
>
>
> Recent viruses on the Internet underscore the threat to all computer users
> and highlight challenges facing the entire industry in providing security
> that everyone needs to conduct business. I encourage you to sign up to
> receive automatic notification of Microsoft Security Bulletins by visiting
>
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/
> bulletin/notify.asp. For more information on security, our Strategic
> Technology Protection Program and to order your FREE Security Tool Kit,
> please visit http://www.microsoft.com/security. We will be happy to answer
> any questions or provide assistance with your security needs.
>
> --------------------
> | Content-Class: urn:content-classes:message
> | From: "Adrian" <adrianw@persoft.com.my>
> | Sender: "Adrian" <adrianw@persoft.com.my>
> | Subject: DTS Security
> | Date: Thu, 15 Aug 2002 20:29:53 -0700
> | Lines: 8
> | Message-ID: <2d4401c244d5$2fa91c50$35ef2ecf@TKMSFTNGXA11>
> | MIME-Version: 1.0
> | Content-Type: text/plain;
> | charset="iso-8859-1"
> | Content-Transfer-Encoding: 7bit
> | X-Newsreader: Microsoft CDO for Windows 2000
> | X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4910.0300
> | Thread-Index: AcJE1S+pE2PllW9uQampwdIwCabugg==
> | Newsgroups: microsoft.public.sqlserver.security
> | Path: cpmsftngxa06
> | Xref: cpmsftngxa06 microsoft.public.sqlserver.security:7577
> | NNTP-Posting-Host: TKMSFTNGXA11 10.201.226.39
> | X-Tomcat-NG: microsoft.public.sqlserver.security
> |
> | Hi,
> | I want to create a user id where this id can only run
> | DTS. Other function like starting of the SQL Agent, backup
> | database should not be given access right. Could anyone
> | help what type rights should i assign to this userid.
> |
> | Thanks
> | Adrian
> |
>
- Next message: E Byrne: "managing application role passwords without hard-coding them into applications"
- Previous message: C S: "Hide list of databases in Enterprise Manager"
- In reply to: Donna Lambert [MS]: "RE: DTS Security"
- Next in thread: Sue Hoegemeier: "Re: DTS Security"
- Reply: Sue Hoegemeier: "Re: DTS Security"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
