Permissions to public in the master database

From: Ian (Ian_at_discussions.microsoft.com)
Date: 07/28/05 

Date: Thu, 28 Jul 2005 09:37:02 -0700

The company I work for provides an application that runs on SQL Server 2000.
One of our customers is requiring that we revoke all access granted to the
public role in master and create a user-role with the appropriate
permissions. I am reluctant to do this since I don't believe we should be
messing with the master database at all. I also found the following in a
post on one of the communities, "Should you alter permissions in master, your
SQL Server becomes an unsupported configuration so far as Microsoft is
concerned. If you have to call in support and they determine you've changed
permissions, they'll force you to roll back your changes before proceeding
any further." which supports my position. Is this indeed a true statement
and if so will Microsoft tell me this "officially" in order to present this
position to the customer.

Relevant Pages

  • Re: Detailed User Access Rights
    ... Sysadmin role members have full SQL Server permissions and OS permissions ... > 2) Now that my customers can create their own views etc, ... GRANT SELECT ON MyTableFunction TO CustomerUser ...
    (microsoft.public.sqlserver.security)
  • Re: Block User Viewing Vies & Procedures
    ... sp_helptext in master has public execute permissions by default and master ... that didn't work by defining the roles and permissions in the previous post ... Jasper Smith (SQL Server MVP) ...
    (microsoft.public.sqlserver.security)
  • Re: SharePoint Services
    ... I'm under the impression that the data tables can be uploaded to a SharePoint location, and that read / edit permissions could be enabled for different users??? ... It was common for customers to have accounts in more than one store / town ... ... However if you do not have share point services setup, nor do you have the expertise and training and resource personnel to run and set up those servers + SharePoint, **if** you users NOW have some type of connection to you network, then then I think the easiest and least amount of effort would be to simply put the backend database on SQL server and and link your front ends to that back end user. ... So, if these people are outside of your corporate network now, then expertise and ability to set up secure connections to allow them to come into your corporate network and pull data from sql server is VERY seriuos issue. ...
    (comp.databases.ms-access)
  • ADP, Application Role, and objects
    ... The above link is to an atricle on how to implement SQL Server Application ... After you connect with your ADP, fire a bit of code to set the ... third party tools to view the data on the same database. ... Scenario 1 - If I explicitly grant permissions on that object to the user ...
    (microsoft.public.access.adp.sqlserver)
  • Re: Please answer my queries for fresh Installation
    ... You can restore MSDB as well as master. ... > SQL Server, It will create Master, MSDB databases. ...
    (microsoft.public.sqlserver.server)