sp_oacreate security execute problem

From: Rich Norgaard (rich_at_discussions.microsoft.com)
Date: 11/24/03 

Date: Mon, 24 Nov 2003 08:12:24 -0800

Hello all!

    I've been troubleshooting this problem for quite some
time now with no success. I am experiencing some sort of
security issue trying to use the sp_oacreate family of
stored procedures. I am testing this on a managed hosting
box on which I have an Admin account and sa priviledges,
but am restricted via security policies on certain system
configs. I'm pretty sure they've done something funny and
misconfigured something. Here's the sql code first of all:

DECLARE @pid int, @hr int, @path varchar(500), @src
varchar(1000), @desc varchar(1000)
SET @path = 'd:\myscript\test.wsf'
EXEC @hr = sp_OACreate 'WScript.Shell', @pid OUT
IF @hr <> 0
BEGIN
   EXEC sp_OAGetErrorInfo @pid, @src OUT, @desc OUT
   SELECT 'oacreate',hr=convert(varbinary(4),@hr),
Source=@src, Description=@desc
    RETURN
END
EXEC @hr = sp_OAMethod @pid, 'Run', NULL, @path
IF @hr <> 0
BEGIN
   EXEC sp_OAGetErrorInfo @pid, @src OUT, @desc OUT
   SELECT 'oamethod',hr=convert(varbinary(4),@hr),
Source=@src, Description=@desc
    RETURN
END
EXEC @hr = sp_OADestroy @pid

    It works on two of three servers from this same
provider, all of which are 'supposed' to be configured
exactly the same. It also works on all of our local
servers here. I am for the time being executing this in
Query Analyzer with sa.

    Here's the result:

oamethod 0x80070002 NULL NULL

    At first I thought is was restrictions at the DB
level so I set all related system stored procedures to
everyone and it still failed.

    Next we looked at local security policies and noticed
that 'Create global objects' and 'Impersonate a user
after authentication' were not set, so we got our
provider to set the effective settings to Service, System
and Administrators. Still no luck.

    The error number results on the call to the method
Run but searches on this revolve around licensing and I
couldn't find anything specific enough to help.

    The script itself is simply an ADO call to the DB
with a comment so I can see it in Profiler, here's the
code for my .wsf:

<job id="myjob">
<script language="VBScript">
Set db_conn = Createobject("ADODB.Connection")
db_conn.Open MY_CONN_STRING
db_conn.Execute("-- TEST - IT WORKED IF WE SEE THIS")
</script></job>

    Any help would be super appreciated; this is
definitely a tricky one! Thanks and have a super day!

> Rich

Relevant Pages

  • Re: question about ip addresses
    ... You are using a program to communicate to someone ... a client program, and one is the server program. ... This is neither unreasonable, nor a security issue. ... provider, your country, and likely one can deduce some more accurate ...
    (alt.computer.security)
  • Re: Vulnerabilites in new laws on computer hacking
    ... Money can't buy you software an online content provider has made themselves. ... Whoever fixed it was actually a good, security conscious programmer and I hope ... If the service provider couldn't provide the security, the customers had no ...
    (Bugtraq)
  • RE: besides "sa" who can run xp_cmdshell
    ... users to execute stored procedures and extended stored procedures. ... You can find out the current permissions by running 'sp_helprotect' stored ... Is there a way to determine which accounts (other than ... This list is provided by the SecurityFocus Security Intelligence Alert ...
    (Pen-Test)
  • Re: killing us softly with their stupidity
    ... > Do you know that the provider ... institutions, we can't get rid of them entirely (still that won't keep ... > Lahood concession for appointing men on top of the security pyramid then ... problems which we can't blame on sectarianism (or on sectarianism ...
    (soc.culture.lebanon)
  • Re: Sorry for not being clear
    ... AUTHORITY\SYSTEM Computer: TIM Description: A provider, ... the provider may cause a security violation if it does not correctly ... This is a windows problem and i don't think anyone here cares. ... Or is that just Bullshit? ...
    (Fedora)