Re: DENY ALL on system SPs in a database
- From: "Uri Dimant" <urid@xxxxxxxxxxx>
- Date: Thu, 24 Jul 2008 09:54:05 +0300
Mike
Do not let the user access to the master database. Does the account you
connect to have sysadmin privilege?
"Mike" <mikey@xxxxxxxxxxxxx> wrote in message
news:O%23FHnRP7IHA.3672@xxxxxxxxxxxxxxxxxxxxxxx
ALL,
We are currently undergoing a SQL injection attack. While I have denied
all access to system tables in the databases for the account in question,
I was wondering if there is any risk in denying execute rights on all the
system stored procedures in the database as well for this account (which
is a sql account I created for our web applications to use)
We are currently using MSSQL Server 2000 in the windows environment
Thoughts?
Thank you in advance!
Mike
.
- Follow-Ups:
- Re: DENY ALL on system SPs in a database
- From: Mike
- Re: DENY ALL on system SPs in a database
- References:
- DENY ALL on system SPs in a database
- From: Mike
- DENY ALL on system SPs in a database
- Prev by Date: Re: Row level security
- Next by Date: Re: Row level security
- Previous by thread: Re: DENY ALL on system SPs in a database
- Next by thread: Re: DENY ALL on system SPs in a database
- Index(es):
Relevant Pages
|
