Re: Public Role for SQL 2000
- From: Keith.Wilson@xxxxxxxxxxxxxxxxxxxx <KeithWilsonnospammicrosoftcom@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Tue, 22 May 2007 13:05:00 -0700
Hi,
The following excerpt is taken from Chapter 5 - Microsoft SQL Server 2000
Security of Microsoft SQL Server 2000 Administrator's Pocket Consultant (ISBN
0-7356-1129-7):
public is the default role for all database users. Users inherit the
permissions and privileges of the public role, and this role represents
their minimum permissions and privileges. Any role that you assign to a
user, beyond the public role, add permissions and privileges. If you want
all database users to have specific permissions, assign the permissions to
the public role.
The following excerpt is taken from Chapter 8 - Managing SQL Serer 2005
Security of Microsoft SQL Server 2005 Administrator's Pocket Consultant:
The guest user is a special user that you can add to a database to allow
anyone with a valid SQL Server login to access the database... Before using
the guest user, you should not the following information about the account:
The guest user is a member of the public server role and inherits the
permissions of this role.
The guest user must exist in a database before anyone can access it as a
guest.
The guest user is used only when a user account has access to SQL Server
but does not have access to the database through this user account.
Other topics around public server role that may be of interest include:
http://www.microsoft.com/technet/prodtechnol/sql/2000/maintain/sqlops3.mspx
http://www.microsoft.com/technet/prodtechnol/sql/2000/maintain/sp3sec01.mspx
http://www.microsoft.com/technet/prodtechnol/sql/2000/deploy/mysql.mspx
10 Steps to help Secure SQL Server 2000
https://www.microsoft.com/sql/prodinfo/previousversions/securingsqlserver.mspx
SQL Server 2000 SP3 Security Features and Best Practices: Security Best
Practices Checklist
http://www.microsoft.com/technet/prodtechnol/sql/2000/maintain/sp3sec04.mspx
SQL Server 2000 SP3 Security Features and Best Practices: Implementation of
Server Level Security and Object Level Security
http://www.microsoft.com/technet/prodtechnol/sql/2000/maintain/sp3sec02.mspx
SQL Server 2005 (BOL) - Security Considerations for a SQL Server Installation
http://msdn2.microsoft.com/en-us/library/ms144228.aspx
Regards,
Keith Wilson
Disclaimer: this posting is provided "as is" without implied or express
warranties.
"Tushar" wrote:
.Hi, I too have same questions.
I tried to drop this public role but not able to drop.
I tried to Revoke Select permission but not able to do that. It is not
giving any error but not working as expected. Any urgent reply will be
gratly appreciated.
Thank,
Tushar Vaja
"wit1" <wit1@xxxxxxxxxxx> wrote in message
news:%23DBcPkqiHHA.1244@xxxxxxxxxxxxxxxxxxxxxxx
For SQL 2000, I see that the Public role has some privileges like SELECT,
UPDATE, DELETE, & EXECUTE, permissions for some User's database objects
(Tables, views, &Stored procedures .)
Is that a security concern?
What will happen if I remove these privileges or revoke them?
Will that effect the rest of the users?
I read many threads on the internet, but no one could tell me the answers
for the 3 questions above.
Thanks in advance.
- References:
- Re: Public Role for SQL 2000
- From: Tushar
- Re: Public Role for SQL 2000
- Prev by Date: Re: Read-Only table?
- Next by Date: Re: SQL 2000 table deleted...
- Previous by thread: Re: Public Role for SQL 2000
- Next by thread: Help in SQL
- Index(es):
Relevant Pages
|
