|
|
Posted by Ward Bekker on 08/09/06 10:56
Hi Erland,
Thanks for the tips!
We are running SQL Server 2005.
Ward
Erland Sommarskog wrote:
> Ward Bekker (ward@NospaaMequanimity.nl) writes:
>> For a service I'm working on I need to ask the user for their database
>> create script. It's used to re-create the users database schema in a
>> temporary database on a in-house server in an automated fashion.
>>
>> For security reasons, I need to be sure that the create script can only
>> create tables, columns etc and not things like snooping in other
>> databases and/or formatting the server.
>>
>> Can you give me pointers about what the minimum grants are to let good
>> script execute successfully and evil scripts fail?
>
> First of all, which version of SQL Server including service pack do you
> have?
>
> As M.Bohse said, run the scripts as a user who only have access in that
> database, although in that database he need some privs. Very important:
> make sure that cross-database chaining is turned off, and that the
> database is not set as trustworthy on SQL 2005.
>
>
Navigation:
[Reply to this message]
|