Re: SQL Server "sa" Account
From: Mary Chipman (mchip@nomail.please)
Date: 11/24/02
- Next message: Brett Karst: "Re: SQL Server"
- Previous message: Brett Karst: "SQL Server "sa" Account"
- In reply to: Brett Karst: "SQL Server "sa" Account"
- Next in thread: Brett Karst: "Re: SQL Server"
- Reply: Brett Karst: "Re: SQL Server"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: Mary Chipman <mchip@nomail.please> Date: Sun, 24 Nov 2002 10:39:43 -0500
What you are currently doing violates the most basic security
principles and leaves you vulnerable to all kinds of attacks. A little
basic research is in order -- see the following:
http://www.microsoft.com/sql/techinfo/administration/70/securityWP.asp
http://www.sqlsecurity.com/
http://vyaskn.tripod.com/sql_server_security_best_practices.htm
-- Mary
MCW Technologies
http://www.mcwtech.com
On Sun, 24 Nov 2002 07:18:43 -0800, "Brett Karst"
<karst.brett@mayo.edu> wrote:
>I have encountered a situation where six people are
>sharing the "sa" account's password for SQL Server 7.0.
>For purposes of individual accountability, I know that
>it's possible to create an sa role and add six separate
>accounts under that role. If this is done, would the "sa"
>account itself still be needed?
- Next message: Brett Karst: "Re: SQL Server"
- Previous message: Brett Karst: "SQL Server "sa" Account"
- In reply to: Brett Karst: "SQL Server "sa" Account"
- Next in thread: Brett Karst: "Re: SQL Server"
- Reply: Brett Karst: "Re: SQL Server"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
