Mystery SQL database access
- From: SusanMSDN <SusanMSDN@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Thu, 12 Mar 2009 11:06:03 -0700
I am in the process of analyzing an existing SQL Server 2000 implementation.
I am currently looking at the security and have found something I can't
explain.
I see a standard SQL Server login.
The login does not have any user database access. The login is not part of
any server roles. In spite of this, the login is connecting to a database
and executing stored procedures from a remote server.
I do see an entry in the public group in the database which is
'\loginid'...don't understand what this is.
The guest account does not exist in the database.
No permission to execute sps has been granted to public so even if the
standard id is somehow tied to the entry in public it should not have perms
to execute anything.
The Windows server does not have an local ids similarily named.
I have run out of ideas here.....any thoughts?
Thanks in advance.
Susan
.
- Follow-Ups:
- Re: Mystery SQL database access
- From: Geoff N. Hiten
- Re: Mystery SQL database access
- From: Dan Guzman
- RE: Mystery SQL database access
- From: Mohit K. Gupta
- Re: Mystery SQL database access
- Prev by Date: SQL support for PCI Complaint
- Next by Date: RE: Active Directory Group in SQL Server 2005 SP3 Server
- Previous by thread: SQL support for PCI Complaint
- Next by thread: RE: Mystery SQL database access
- Index(es):
Relevant Pages
|
